What is CVE-2025-10495?

CVE-2025-10495 is a high-severity vulnerability in Lenovo App Store, classified under Improper Certificate Validation. CVSS score: 7.5/10. Published 2025-11-12.

How severe is CVE-2025-10495?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Lenovo App Store

CVE-2025-10495

A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute ar…

Vulnerability class: Improper Certificate Validation

EPSS: 0.000 (8.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Lenovo App Store — versions 0
Lenovo Browser — versions 0
Lenovo Legion Zone — versions 0
Lenovo Pc Manager — versions 0

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

iknow.lenovo.com.cn/detail/434328

Frequently asked questions

What is CVE-2025-10495?: CVE-2025-10495 is a high-severity vulnerability in Lenovo App Store, classified under Improper Certificate Validation. CVSS score: 7.5/10. Published 2025-11-12.
How severe is CVE-2025-10495?: High severity. CVSS v3 base score is 7.5 out of 10.