CVE-2025-4371

Summary

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.

Affected Software

VendorProductVersion RangeStatus
Lenovo510 FHD Webcam0 < 4.8.0affected
LenovoPerformance FHD Webcam0 < 4.8.0affected

Weaknesses

  • CWE-347: CWE-347: Improper Verification of Cryptographic Signature

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References