Detections
Analytics

CVE-2025-14058

low

Description

A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access when locked" option is disabled.

References

https://support.lenovo.com/us/en/product_security/LEN-207951

Details

Source: Mitre, NVD

Published: 2026-01-14

Updated: 2026-01-14

Risk Information

CVSS v2

Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P

Severity: Low

CVSS v3

Base Score: 3.2

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Severity: Low

CVSS v4

Base Score: 2.4

Vector: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Low

EPSS

EPSS: 0.00024