Products
Lenovo Tab K10
Source
psirt@lenovo.com
Tags
CVE-2024-4786 details
Published : July 26, 2024, 8:15 p.m.
Last Modified : July 26, 2024, 8:15 p.m.
Last Modified : July 26, 2024, 8:15 p.m.
Description
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a specially crafted application to keep the device on.
CVSS Score
| 1 | 2.8 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-295 | Improper Certificate Validation | The product does not validate, or incorrectly validates, a certificate. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
Base Score
2.8
Exploitability Score
1.3
Impact Score
1.4
Base Severity
LOW
Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
References
| URL | Source |
|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-158501 | psirt@lenovo.com |
This website uses the NVD API, but is not approved or certified by it.