Information Disclosure Vulnerability in Lenovo Tab M8 HD
CVE-2023-5081

3.3LOW

Key Information:

Vendor: Lenovo
Status: Tablet
Vendor: CVE Published:; 19 January 2024

Summary

An information disclosure vulnerability in the Lenovo Tab M8 HD was identified, potentially allowing local applications to access non-resettable device identifiers. This could lead to exposure of sensitive information, which may facilitate unauthorized tracking or profiling of the device. Users are advised to implement appropriate security measures and monitor for any unusual activity. Further details can be found on Lenovo's support page.

Affected Version(s)

Tablet various

References

https://support.lenovo.com/us/en/product_security/LEN-142135

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 19, 2024
Vulnerability Reserved
Sep 19, 2023

Credit

Lenovo thanks Ryan Johnson and Mohamed Elsabagh of Quokka for reporting this issue.