A critical vulnerability was discovered in Lenovo webcams, allowing remote hackers to weaponize them into BadUSB attack tools. The flaw, stemming from a lack of firmware signature validation, enables attackers to inject malicious keystrokes and maintain persistence even after system reinstalls. This attack exploits Linux-based USB gadget functionality, transforming the webcam into a Human Interface Device (HID) capable of executing malicious commands. Lenovo released firmware updates to mitigate the issue, but other Linux USB devices remain at risk.
Source: https://cybersecuritynews.com/hackers-weaponized-linux-webcams/
TPRM report: https://www.rankiteo.com/company/lenovo
{
  "id": "len224081225",
  "linkid": "lenovo",
  "type": "Vulnerability",
  "date": "8/2025",
  "severity": "50",
  "impact": "2",
  "explanation": "Attack limited on finance or reputation"
}
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Lenovo',
                        'type': 'Corporation'}],
 'attack_vector': 'Remote firmware manipulation via USB',
 'description': 'A critical vulnerability was uncovered that transforms '
                'ordinary Linux-powered webcams into weaponized BadUSB attack '
                'tools, enabling remote hackers to inject malicious keystrokes '
                'and compromise target systems without detection.',
 'initial_access_broker': {'backdoors_established': 'Persistent backdoor via '
                                                    'reflashed firmware',
                           'entry_point': 'USB-connected webcam'},
 'lessons_learned': 'Any USB-attached device running Linux without firmware '
                    'validation could potentially be exploited using similar '
                    'attack vectors, fundamentally challenging traditional '
                    'endpoint security models and necessitating enhanced '
                    'hardware trust verification mechanisms.',
 'post_incident_analysis': {'corrective_actions': 'Updated firmware '
                                                  'installation tool '
                                                  'addressing signature '
                                                  'validation flaw',
                            'root_causes': 'Absence of firmware signature '
                                           'validation during update process'},
 'references': [{'source': 'Eclypsium'}, {'source': 'DEF CON 2025'}],
 'response': {'remediation_measures': 'Updated firmware installation tool '
                                      'addressing signature validation flaw'},
 'title': 'Critical Vulnerability in Linux-Powered Webcams Enables Remote '
          'BadUSB Attacks',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'Absence of firmware signature validation during '
                            'update process'}