CVE-2025-13455

High CVSS: 7.3

A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint.

Vendor

Lenovo

Product

Thinkplus Fu100 Firmware

CWE

CWE-290

Yayın Tarihi

2026-01-14 23:15:55

Güncelleme

2026-02-23 17:53:20

Source Identifier

psirt@lenovo.com

KEV Date Added

Kategoriler

CWE-290 Thinkplus Fu100 Firmware HIGH Lenovo 2026

Referanslar

https://iknow.lenovo.com.cn/detail/436983

Benzer Kayıtlar

Medium

CVE-2026-1716

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiyin…

Medium

CVE-2026-1717

An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Ba…

Medium

CVE-2026-1715

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiyin…

Medium

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read…

Medium

CVE-2025-13454

A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user t…

High

CVE-2025-8485

An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to ex…