Local Information Disclosure in Lenovo Tablets
CVE-2025-11193

6.8MEDIUM

Key Information:

Vendor: Lenovo
Status: Tab M11 Tb330fu Tb330xu; Tab K11 Tb330fu Tb330fup Tb330xu Tb330xup; Idea Tab Pro Tb373fu; Tab Wifi 5g
Vendor: CVE Published:; 3 November 2025

What is CVE-2025-11193?

A vulnerability has been identified in certain Lenovo Tablets that may permit a local authenticated user or application to access sensitive information specific to the device. This could potentially expose critical user data if exploited. Users are advised to monitor their device's security patches and updates to mitigate any risks associated with this vulnerability.

Affected Version(s)

Idea Tab Pro TB373FU 0 < 17.0.04.184

Tab Extreme TB570ZU TB570FU 0 < 17.0.104

Tab K11 Plus LTE TB352FU TB352XU 0 < 17.0.10.213

References

https://support.lenovo.com/us/en/product_security/LEN-202383

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2025
Vulnerability Reserved
Sep 30, 2025

Credit

Lenovo thanks Tim Schumacher for reporting this issue.

JSON