Detections
Analytics

CVE-2025-4371

high

Description

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.

References

https://www.securityweek.com/badcam-new-badusb-attack-turns-linux-webcams-into-persistent-threats/

https://thehackernews.com/2025/08/linux-based-lenovo-webcams-flaw-can-be.html

https://eclypsium.com/blog/badcam-now-weaponizing-linux-webcams/

https://support.lenovo.com/us/en/product_security/LEN-194466

Details

Source: Mitre, NVD

Published: 2025-08-18

Updated: 2025-08-18

Named Vulnerability: BadCam

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 6.8

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Medium

CVSS v4

Base Score: 7

Vector: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.0002