CVE-2025-14058
Published: Jan 14, 2026
Modified: Jan 15, 2026
CVSS v3.1
3.2
Description
A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access when locked" option is disabled.
| Vendor | Product | Versions |
|---|---|---|
Lenovo | Tab M11 TB330FU TB330XU | affected 0 - < 17.0.284 |
Lenovo | Tab K11 TB330FU | affected 0 - < 17.0.284 |
Lenovo | Tab K11 TB330FUP | affected 0 - < 17.0.254 |
Lenovo | Tab K11 TB330XU | affected 0 - < 17.0.084 |
Lenovo | Tab K11 TB330XUP | affected 0 - < 17.0.254 |
Lenovo | Idea Tab Pro TB373FU | affected 0 - < ZUI_17.0.04.266_ST_251120 |
Lenovo | Tab K9 TB305FU | affected 0 - < 17.0.10.118 |
Lenovo | Tab K9 TB305XU | affected 0 - < 17.0.10.098 |
Lenovo | Tab Plus TB351FU | affected 0 - < 17.5.10.023 |
Lenovo | Tab M8 4th Gen 2024 TB301FU | affected 0 - < TB301FU_USR_S000126_250919_MP1V1111_ROW |
Lenovo | Tab M8 4th Gen 2024 TB301XU | affected 0 - < TB301XU_USR_S000147_250919_MP1V1111_ROW |
Lenovo | Tab Extreme TB570ZU TB570FU | affected 0 - < 17.5.184 |
Lenovo | Tab M10 5G TB360ZU | affected 0 - < 16.0.882 |
Lenovo | Tab M8 4th Gen TB300FU | affected 0 - < TB300XU_USR_S100149_250919_MP1V1111_ROW |
Lenovo | Tab M8 4th Gen TB300XU | affected 0 - < TB300FU_USR_S100122_250919_MP1V1111_ROW |
Lenovo | Tab M9 TB310FU | affected 0 - < TB310XU_USR_S000913_2510021921_mp1V969_ROW |
Lenovo | Tab M9 TB310XU | affected 0 - < TB310FU_USR_S000912_2510022135_mp1V969_ROW |
Lenovo | Tab P11 2nd Gen TB350XU | affected 0 - < TB350FU_USER_S231044_2601050946 |
Lenovo | Tab P11 2nd Gen TB350FU | affected 0 - < TB350XU_USER_S231018_2601050930 |
Lenovo | Tab P12 TB370FU | affected 0 - < 17.0.267 |
Lenovo | Tab P12 TB372FU | affected 0 - < 17.0.267 |
Lenovo | Tab K11 Plus LTE TB352FU | affected 0 - < 17.0.10.250 |
Lenovo | Tab K11 Plus LTE TB352XU | affected 0 - < 17.0.10.242 |
Lenovo | Yoga Tab Plus TB520FU | affected 0 - < 17.5.10.036 |
Lenovo | Tab K11 Gen 2 TB336ZU | affected 0 - < 17.0.10.541 |
Lenovo | TAB7 | affected 0 - < 17.0.10.541 |
Lenovo | Lenovo Tab with Clear Case TB311FU | affected 0 - < 17.0.30.303 |
Lenovo | Lenovo Tab with Folio Case TB311XU | affected 0 - < 17.0.31.259 |
Lenovo | Legion Tab TB321FU | affected 0 - < 17.5.10.031 |
Lenovo | Legion Tab TB320FC | affected 0 - < 17.0.339 |
Lenovo | Idea Tab TB336FU | affected 0 - < 17.5.10.041 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now