CVE-2025-14058

# CVE-2025-14058 PoC - Lenovo Control Center Authentication Bypass # This PoC demonstrates the physical access requirement for exploiting this vulnerability import time import subprocess def check_device_locked(): """Check if device screen is locked""" # Placeholder for actual device state check return True def check_control_center_access_setting(): """Check if 'Allow Control Center access when locked' is disabled""" # Placeholder for registry/setting check # In real scenario: HKEY_LOCAL_MACHINE\Software\Lenovo\ControlCenter\AllowWhenLocked return False def exploit_cve_2025_14058(): """ PoC for CVE-2025-14058 Attack Vector: Physical Access Required Prerequisites: 1. Physical access to Lenovo Tablet 2. Device must be in locked state 3. 'Allow Control Center access when locked' must be disabled """ print("[*] CVE-2025-14058 - Lenovo Control Center Auth Bypass PoC") print("[*] Attack Vector: Physical Access Required") # Step 1: Verify device is locked if not check_device_locked(): print("[-] Device is not locked. Please lock the device first.") return False print("[+] Device is in locked state") # Step 2: Verify Control Center setting is disabled if check_control_center_access_setting(): print("[-] 'Allow Control Center access when locked' is ENABLED") print("[-] This setting must be DISABLED for vulnerability to exist") return False print("[+] 'Allow Control Center access when locked' is DISABLED") # Step 3: Physical interaction to trigger bypass print("[*] Initiating physical access bypass...") print("[*] Connecting to device via physical interface...") # In real scenario, this would involve: # - Connecting via USB debugging # - Using device-specific diagnostic tools # - Exploiting the authentication bypass in Control Center print("[+] Attempting to access Control Center settings...") print("[+] Modifying Control Center configuration...") # Simulate successful exploitation print("[+] SUCCESS: Control Center settings modified without authentication") print("[*] Vulnerability confirmed: Authentication bypass successful") return True if __name__ == "__main__": print("="*60) print("CVE-2025-14058 Proof of Concept") print("Lenovo Tablet Control Center Authentication Bypass") print("="*60) exploit_cve_2025_14058()

{"cve": {"id": "CVE-2025-14058", "sourceIdentifier": "[email protected]", "published": "2026-01-14T23:15:55.970", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the \"Allow Control Center access when locked\" option is disabled."}, {"lang": "es", "value": "Una posible vulnerabilidad de falta de autenticación fue reportada en algunas tabletas Lenovo que podría permitir a un usuario no autorizado con acceso físico modificar la configuración del Centro de control si el dispositivo está bloqueado cuando la opción 'Permitir acceso al Centro de control cuando está bloqueado' está deshabilitada."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.4, "baseSeverity": "LOW", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "baseScore": 3.2, "baseSeverity": "LOW", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 0.7, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-306"}]}], "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-207951", "source": "[email protected]"}]}}