CVE-2023-5080 — MEDIUM (6.8)

Q: What is CVE-2023-5080?

CVE-2023-5080 is a vulnerability with a CVSS score of 6.8 (MEDIUM). A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.

Q: How severe is CVE-2023-5080?

CVE-2023-5080 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-5080?

Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Tab M8 Hd Tb8505F Firmware, Lenovo Tab M8 Hd Tb8505F, Lenovo Tab M8 Hd Tb8505Fs Firmware, Lenovo Tab M8 Hd Tb8505Fs, Lenovo Tab M8 Hd Tb8505X Firmware.

Vulnerability Description

A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Lenovo	Tab M8 Hd Tb8505F Firmware	< 8505f_usr_s301106_2309140042_v9.56_bmp_row
Lenovo	Tab M8 Hd Tb8505F	-
Lenovo	Tab M8 Hd Tb8505Fs Firmware	< 8505fs_usr_s301107_2309140028_v9.56_bmp_row
Lenovo	Tab M8 Hd Tb8505Fs	-
Lenovo	Tab M8 Hd Tb8505X Firmware	< 8505x_usr_s301129_2309141226_v9.56_bmp_row
Lenovo	Tab M8 Hd Tb8505X	-
Lenovo	Tab M8 Hd Tb8505Xs Firmware	< 8505xs_usr_s301077_2309140036_v9.56_bmp_row
Lenovo	Tab M8 Hd Tb8505Xs	-
Lenovo	Tab M10 Plus Gen 3 Tb125Fu Firmware	< tb125fu_usr_s100116_2311171525_mp1rc_row
Lenovo	Tab M10 Plus Gen 3 Tb125Fu	-
Lenovo	Tab P11 Pro Gen 2 Tb132Fu Firmware	< tb132fu_s240219_231123_row
Lenovo	Tab P11 Pro Gen 2 Tb132Fu	-

Related Weaknesses (CWE)

CWE-266

References

https://support.lenovo.com/us/en/product_security/LEN-142135Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-142135Vendor Advisory

FAQ

What is CVE-2023-5080?

CVE-2023-5080 is a vulnerability with a CVSS score of 6.8 (MEDIUM). A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.

How severe is CVE-2023-5080?

CVE-2023-5080 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-5080?

Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Tab M8 Hd Tb8505F Firmware, Lenovo Tab M8 Hd Tb8505F, Lenovo Tab M8 Hd Tb8505Fs Firmware, Lenovo Tab M8 Hd Tb8505Fs, Lenovo Tab M8 Hd Tb8505X Firmware.