CVE-2023-5080

A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:lenovo:tab_m8_hd_tb8505f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505f:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:lenovo:tab_m8_hd_tb8505fs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505fs:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:lenovo:tab_m8_hd_tb8505x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505x:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:lenovo:tab_m8_hd_tb8505xs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505xs:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:lenovo:tab_m10_plus_gen_3_tb125fu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m10_plus_gen_3_tb125fu:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:lenovo:tab_p11_pro_gen_2_tb132fu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_p11_pro_gen_2_tb132fu:-:*:*:*:*:*:*:*

History

16 Sep 2024, 15:15

Type Values Removed Values Added
CWE CWE-269 CWE-266

26 Jan 2024, 16:02

Type Values Removed Values Added
First Time Lenovo tab P11 Pro Gen 2 Tb132fu
Lenovo tab M8 Hd Tb8505f Firmware
Lenovo tab M8 Hd Tb8505fs Firmware
Lenovo tab M8 Hd Tb8505f
Lenovo tab M8 Hd Tb8505fs
Lenovo tab M8 Hd Tb8505xs
Lenovo tab M10 Plus Gen 3 Tb125fu Firmware
Lenovo tab M8 Hd Tb8505xs Firmware
Lenovo tab M10 Plus Gen 3 Tb125fu
Lenovo tab M8 Hd Tb8505x
Lenovo tab P11 Pro Gen 2 Tb132fu Firmware
Lenovo
Lenovo tab M8 Hd Tb8505x Firmware
CVSS v2 : unknown
v3 : 6.8
v2 : unknown
v3 : 7.8
References () https://support.lenovo.com/us/en/product_security/LEN-142135 - () https://support.lenovo.com/us/en/product_security/LEN-142135 - Vendor Advisory
CPE cpe:2.3:h:lenovo:tab_m8_hd_tb8505fs:-:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:tab_m8_hd_tb8505x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:tab_m8_hd_tb8505fs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:tab_p11_pro_gen_2_tb132fu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505xs:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_p11_pro_gen_2_tb132fu:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m10_plus_gen_3_tb125fu:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505x:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:tab_m8_hd_tb8505f:-:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:tab_m8_hd_tb8505xs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:tab_m10_plus_gen_3_tb125fu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:tab_m8_hd_tb8505f_firmware:*:*:*:*:*:*:*:*
CWE CWE-269 NVD-CWE-noinfo

19 Jan 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-19 20:15

Updated : 2024-09-16 15:15


NVD link : CVE-2023-5080

Mitre link : CVE-2023-5080

CVE.ORG link : CVE-2023-5080


JSON object : View

Products Affected

lenovo

  • tab_m8_hd_tb8505fs
  • tab_m8_hd_tb8505fs_firmware
  • tab_m10_plus_gen_3_tb125fu_firmware
  • tab_p11_pro_gen_2_tb132fu_firmware
  • tab_m8_hd_tb8505f
  • tab_m8_hd_tb8505x_firmware
  • tab_m8_hd_tb8505xs
  • tab_m8_hd_tb8505x
  • tab_m10_plus_gen_3_tb125fu
  • tab_p11_pro_gen_2_tb132fu
  • tab_m8_hd_tb8505f_firmware
  • tab_m8_hd_tb8505xs_firmware
CWE
NVD-CWE-noinfo CWE-266

Incorrect Privilege Assignment