CVE-2025-1479

Summary

An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
LenovoLegion Space for Legion Go0 < 1.2.3.8affected
LenovoLegion Space for Legion PC0 < 1.4.11.4affected

Weaknesses

  • CWE-489: CWE-489: Active Debug Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References