← back
CVE-2025-4371

CVE-2025-4371

CVSS 7 HIGHEPSS 0.2%CWE-347
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Aug 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Lenovo · 510 FHD WebcamLenovo · Performance FHD Webcam

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.lenovo.com/us/en/product_security/LEN-194466