Primary

Context

Lenovo Tablets Missing Authentication Vulnerability Allowing Unauthorized Modification of Control Center Settings

Vulnerability

A missing authentication vulnerability exists in certain Lenovo Tablets. This issue could enable an unauthorized user with physical access to alter Control Center settings on a locked device, provided the 'Allow Control Center access when locked' option is turned off.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in the Control Center settings of the affected Lenovo Tablets.

Remediation

Users can update their devices to the minimum fixed version specified in the Lenovo Security Advisory LEN-207951. Instructions for downloading the update are available on the Lenovo Drivers & Software support site.

Added: Jan 14, 2026, 11:26 PM

Updated: Jan 14, 2026, 11:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

3.3

remediation

8.3

relevance

2.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

3.3

remediation

8.3

relevance

2.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Lenovo Tablets Missing Authentication Vulnerability Allowing Unauthorized Modification of Control Center Settings

Vulnerability

Impact

Remediation

Affected Products

Lenovo Idea Tab Pro

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating