Lenovo Tablet Auth Bypass: Obsolete Control Center Setting
CVE-2025-14058 Published on January 14, 2026

A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access when locked" option is disabled.

NVD

Vulnerability Analysis

CVE-2025-14058 is exploitable with physical access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity and availability.

Attack Vector:

PHYSICAL

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

LOW

Availability Impact:

LOW

Weakness Type

Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Products Associated with CVE-2025-14058

Want to know whenever a new CVE is published for Lenovo products? stack.watch will email you.

Lenovo Tab M11 Tb330fu Tb330xu

Lenovo Tab K11 Tb330fu

Lenovo Tab K11 Tb330fup

Lenovo Tab K11 Tb330xu

Lenovo Tab K11 Tb330xup

Lenovo Idea Tab Pro Tb373fu

Lenovo Tab K9 Tb305fu

Lenovo Tab K9 Tb305xu

Lenovo Tab Plus Tb351fu

Lenovo Tab M8 4th Gen 2024 Tb301fu

Lenovo Tab M8 4th Gen 2024 Tb301xu

Lenovo Tab Extreme Tb570zu Tb570fu

Lenovo Tab M10 5g Tb360zu

Lenovo Tab M8 4th Gen Tb300fu

Lenovo Tab M8 4th Gen Tb300xu

Lenovo Tab M9 Tb310fu

Lenovo Tab M9 Tb310xu

Lenovo Tab P11 2nd Gen Tb350xu

Lenovo Tab P11 2nd Gen Tb350fu

Lenovo Tab P12 Tb370fu

Lenovo Tab P12 Tb372fu

Lenovo Tab K11 Plus Lte Tb352fu

Lenovo Tab K11 Plus Lte Tb352xu

Lenovo Yoga Tab Plus Tb520fu

Lenovo Tab K11 Gen 2 Tb336zu

Lenovo Tab7

Lenovo Tab With Clear Case Tb311fu

Lenovo Tab With Folio Case Tb311xu

Lenovo Legion Tab Tb321fu

Lenovo Legion Tab Tb320fc

Lenovo Idea Tab Tb336fu

Affected Versions

Lenovo Tab M11 TB330FU TB330XU:

Before 17.0.284 is affected.

Lenovo Tab K11 TB330FU:

Before 17.0.284 is affected.

Lenovo Tab K11 TB330FUP:

Before 17.0.254 is affected.

Lenovo Tab K11 TB330XU:

Before 17.0.084 is affected.

Lenovo Tab K11 TB330XUP:

Before 17.0.254 is affected.

Lenovo Idea Tab Pro TB373FU:

Before ZUI_17.0.04.266_ST_251120 is affected.

Lenovo Tab K9 TB305FU:

Before 17.0.10.118 is affected.

Lenovo Tab K9 TB305XU:

Before 17.0.10.098 is affected.

Lenovo Tab Plus TB351FU:

Before 17.5.10.023 is affected.

Lenovo Tab M8 4th Gen 2024 TB301FU:

Before TB301FU_USR_S000126_250919_MP1V1111_ROW is affected.

Lenovo Tab M8 4th Gen 2024 TB301XU:

Before TB301XU_USR_S000147_250919_MP1V1111_ROW is affected.

Lenovo Tab Extreme TB570ZU TB570FU:

Before 17.5.184 is affected.

Lenovo Tab M10 5G TB360ZU:

Before 16.0.882 is affected.

Lenovo Tab M8 4th Gen TB300FU:

Before TB300XU_USR_S100149_250919_MP1V1111_ROW is affected.

Lenovo Tab M8 4th Gen TB300XU:

Before TB300FU_USR_S100122_250919_MP1V1111_ROW is affected.

Lenovo Tab M9 TB310FU:

Before TB310XU_USR_S000913_2510021921_mp1V969_ROW is affected.

Lenovo Tab M9 TB310XU:

Before TB310FU_USR_S000912_2510022135_mp1V969_ROW is affected.

Lenovo Tab P11 2nd Gen TB350XU:

Before TB350FU_USER_S231044_2601050946 is affected.

Lenovo Tab P11 2nd Gen TB350FU:

Before TB350XU_USER_S231018_2601050930 is affected.

Lenovo Tab P12 TB370FU:

Before 17.0.267 is affected.

Lenovo Tab P12 TB372FU:

Before 17.0.267 is affected.

Lenovo Tab K11 Plus LTE TB352FU:

Before 17.0.10.250 is affected.

Lenovo Tab K11 Plus LTE TB352XU:

Before 17.0.10.242 is affected.

Lenovo Yoga Tab Plus TB520FU:

Before 17.5.10.036 is affected.

Lenovo Tab K11 Gen 2 TB336ZU:

Before 17.0.10.541 is affected.

Lenovo TAB7:

Before 17.0.10.541 is affected.

Lenovo Tab with Clear Case TB311FU:

Before 17.0.30.303 is affected.

Lenovo Tab with Folio Case TB311XU:

Before 17.0.31.259 is affected.

Lenovo Legion Tab TB321FU:

Before 17.5.10.031 is affected.

Lenovo Legion Tab TB320FC:

Before 17.0.339 is affected.

Lenovo Idea Tab TB336FU:

Before 17.5.10.041 is affected.

Exploit Probability

EPSS

0.04%

Percentile

10.47%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.