CVE-2025-4371

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to...

Basic Information

CVE State: PUBLISHED
Reserved Date: May 05, 2025
Published Date: August 18, 2025
Last Updated: August 19, 2025
Vendor: Lenovo
Product: 510 FHD Webcam, Performance FHD Webcam
Description: A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.

CVSS Scores

CVSS v4.0

7.0 - HIGH

Vector: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS v3.1

6.8 - MEDIUM

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: none
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2025-08-11 15:31:59 UTC) Source

References

https://support.lenovo.com/us/en/product_security/LEN-194466

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-08-11 15:31:59 UTC

Timeline

CVE ID Reserved

May 05, 2025
Added to KEVIntel

August 11, 2025
CVE Published to Public

August 18, 2025