A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint.
Credits
Lenovo thanks Xusheng Li (Vector 35 Inc) for reporting these issues.
