Vulnerabilities > CVE-2023-0896 - Unspecified vulnerability in Lenovo Smart Clock Essential With Alexa Built in Firmware

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

lenovo

NVD

Published: 2023-05-01

Updated: 2023-05-09

Summary

A default password was reported in Lenovo Smart Clock Essential with Alexa Built In that could allow unauthorized device access to an attacker with local network access.

Vulnerable Configurations

Part	Description	Count
OS	Lenovo Lenovo Smart Clock Essential With Alexa Built IN Firmware *	1
Hardware	Lenovo Lenovo Smart Clock Essential With Alexa Built IN -	1

References

https://support.lenovo.com/us/en/product_security/LEN-113714