CVE-2025-13453

4.6 MEDIUM

📋 TL;DR

A physical security vulnerability in certain ThinkPlus USB drives allows unauthorized data access when an attacker has physical possession of the device. This affects users of vulnerable ThinkPlus USB drive models who store sensitive data on these devices. The vulnerability enables reading stored data without proper authentication.

💻 Affected Systems

Products:
  • ThinkPlus USB drives (specific models not detailed in reference)
Versions: All versions of affected models
Operating Systems: All operating systems that support USB storage
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists at hardware/firmware level. Specific model numbers not provided in available reference.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sensitive data stored on the USB drive is fully compromised, including confidential documents, credentials, or personal information, leading to data breaches or identity theft.

🟠 Likely Case

Unauthorized reading of stored files when the USB drive is lost, stolen, or accessed by unauthorized personnel in physical proximity.

🟢 If Mitigated

Minimal impact if drives are encrypted, physically secured, or contain only non-sensitive data.

🌐 Internet-Facing: LOW - This is a physical access vulnerability requiring direct interaction with the hardware device.
🏢 Internal Only: MEDIUM - Internal users with physical access to vulnerable drives could read data they are not authorized to see, but exploitation requires the specific hardware and an opportunity to handle it.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires physical access to the USB drive. No authentication bypass needed once physical access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: https://iknow.lenovo.com.cn/detail/436983

Restart Required: No

Instructions:

No firmware patch available. Replace affected USB drives with secure models or implement encryption workarounds.

🔧 Temporary Workarounds

Enable Full Disk Encryption

Platforms: all

Use operating system or third-party encryption to protect data on USB drives:

Windows: Use BitLocker To Go
Linux: Use LUKS encryption
macOS: Use FileVault

Use Encrypted Container Files

Platforms: all

Store sensitive data in encrypted archive files (e.g., VeraCrypt, 7-Zip with encryption):

VeraCrypt: Create encrypted volume
7-Zip: 7z a -p archive.7z files/ -mhe

🧯 If You Can't Patch

  • Replace vulnerable ThinkPlus USB drives with secure models from different manufacturers
  • Implement strict physical security controls for USB drive storage and usage

🔍 How to Verify

Check if Vulnerable:

Check if you own ThinkPlus USB drives and consult Lenovo's advisory for specific model numbers

Check Version:

N/A - Hardware vulnerability, not software version dependent

Verify Fix Applied:

Verify encryption is enabled by confirming the drive's contents cannot be read without the passphrase or key: mounting it on another machine should prompt for credentials rather than expose the files.
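Added example, not from this advisory, Lenovo, or any ThinkPlus firmware: a Python check that supports both the encryption workarounds above and the "Verify Fix Applied" step. It reads the first 4 KiB of a USB drive (or a disk image) and reports whether the volume carries a LUKS or BitLocker header, looks like opaque ciphertext (as a VeraCrypt volume does, since VeraCrypt deliberately has no header magic), or is a readable plaintext filesystem. The sample images are constructed inside the block; the entropy threshold, the function names, and the classification labels are this example's own choices.

```python
"""Report whether a removable volume is encrypted at rest (added example).

Classification relies on two public facts and one heuristic:
  * LUKS1/LUKS2 primary headers start with the magic "LUKS\\xba\\xbe" at offset 0.
  * BitLocker volumes carry the signature "-FVE-FS-" at offset 3 of sector 0.
  * Ciphertext is near-random; a readable filesystem header is highly structured.
"""
import math
import random
import sys
from collections import Counter

LUKS_MAGIC = b"LUKS\xba\xbe"        # LUKS header magic, offset 0
BITLOCKER_SIG = b"-FVE-FS-"         # BitLocker volume signature, offset 3
SAMPLE_LEN = 4096                   # bytes read from the start of the device
ENTROPY_THRESHOLD = 7.5             # bits/byte; 4 KiB of ciphertext scores ~7.95


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, at most 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def classify_sample(sample: bytes) -> str:
    """Classify the leading bytes of a volume.

    'luks'      -- LUKS header magic present (Linux dm-crypt/LUKS)
    'bitlocker' -- BitLocker signature present (BitLocker / BitLocker To Go)
    'opaque'    -- no known header but near-random data: a VeraCrypt volume
                   or other full-volume ciphertext (or, caveat, compressed data)
    'plaintext' -- structured, low-entropy data such as a FAT/NTFS boot sector
    """
    if sample.startswith(LUKS_MAGIC):
        return "luks"
    if sample[3:3 + len(BITLOCKER_SIG)] == BITLOCKER_SIG:
        return "bitlocker"
    if shannon_entropy(sample) >= ENTROPY_THRESHOLD:
        return "opaque"
    return "plaintext"


def inspect_device(path: str) -> str:
    """Open a block device or image file read-only and classify its first bytes."""
    with open(path, "rb") as f:
        return classify_sample(f.read(SAMPLE_LEN))


# --- constructed sample images; none were captured from real ThinkPlus drives ---

def fat_boot_sector() -> bytes:
    """FAT32-style boot sector: jump, OEM name, zeroed BPB, 0x55AA signature."""
    sector = bytearray(512)
    sector[0:3] = b"\xeb\x58\x90"
    sector[3:11] = b"MSWIN4.1"
    sector[510:512] = b"\x55\xaa"
    return bytes(sector) + b"\x00" * (SAMPLE_LEN - 512)


def luks_header() -> bytes:
    """LUKS magic followed by big-endian version 2; the rest zeroed for the example."""
    return LUKS_MAGIC + b"\x00\x02" + b"\x00" * (SAMPLE_LEN - 8)


def bitlocker_sector() -> bytes:
    """First sector of a BitLocker volume: jump bytes then the -FVE-FS- signature."""
    sector = bytearray(512)
    sector[0:3] = b"\xeb\x58\x90"
    sector[3:11] = BITLOCKER_SIG
    return bytes(sector) + b"\x00" * (SAMPLE_LEN - 512)


def ciphertext_like() -> bytes:
    """Deterministic pseudo-random bytes standing in for a VeraCrypt-style volume."""
    rng = random.Random(0)
    return bytes(rng.getrandbits(8) for _ in range(SAMPLE_LEN))


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # e.g. python3 check_usb_encryption.py /dev/sdb1  (raw devices need root)
        print(sys.argv[1], "->", inspect_device(sys.argv[1]))
    else:
        for name, image in [("FAT32 volume", fat_boot_sector()),
                            ("LUKS volume", luks_header()),
                            ("BitLocker volume", bitlocker_sector()),
                            ("VeraCrypt-like volume", ciphertext_like())]:
            print(f"{name:22} -> {classify_sample(image)}")
```

A "plaintext" result on a drive that is supposed to be protected means the workaround is not in place. "opaque" only says the leading bytes are not trivially readable; confirm with the tool that created the volume (cryptsetup luksDump, manage-bde -status, or VeraCrypt itself), because compressed or previously wiped data also scores high on entropy. Sample the start of the volume rather than arbitrary offsets, which is where a readable filesystem shows its structure.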

📡 Detection & Monitoring

Log Indicators:

  • Physical security logs showing unauthorized access to storage areas
  • USB device access logs showing unusual patterns

Network Indicators:

  • N/A - Physical access vulnerability

SIEM Query:

N/A - Primarily physical security monitoring required
