Lenovo Fingerprint Manager Pro Insecure Credentials Storage

Knowledge Base

Lenovo Fingerprint Manager Pro Insecure Credentials Storage

Are you using Windows version 7, 8, 8.1 , and do you have Lenovo Fingerprint Manager Pro installed?

If you do, then you should check the version of Lenovo Fingerprint Manager Pro that is installed on your device.

Your device if listed in the following list may be leaking sensitive data

  • ThinkPad L560
  • ThinkPad P40 Yoga, P50s
  • ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
  • ThinkPad W540, W541, W550s
  • ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
  • ThinkPad X240, X240s, X250, X260
  • ThinkPad Yoga 14 (20FY), Yoga 460
  • ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
  • ThinkStation E32, P300, P500, P700, P900

The issue occurs as the storage of the database of credentials ( eg. Windows Logon and fingerprint data) are stored using a weak algorithm (poor encryption) and contains a hardcoded password are all visible to non admin users.

Update Fingerprint Manager Pro to version 8.01.87 or later. to be protected against the vulnerability.

See https://support.lenovo.com/gb/en/product_security/len-15999 for further information.

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand