CVE-2025-1479

MEDIUM 5.3

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

An open debug interface was reported in the Legion Space software included on certain Legion devices that could allow a local attacker to execute arbitrary code.

CWE	CWE-489
Vendor	lenovo
Product	legion space for legion go
Published	May 30, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for lenovo legion space for legion go

Be the first to know when new medium vulnerabilities affecting lenovo legion space for legion go are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected Versions

Lenovo / Legion Space for Legion Go

0 < 1.2.3.8

Lenovo / Legion Space for Legion PC

0 < 1.4.11.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.lenovo.com: https://support.lenovo.com/us/en/product_security/LEN-186929

Credits

Lenovo thanks Aobo Wang(@M4x_1997) of Chaitin Security Research Lab for reporting this issue.