The company detailed the security flaw discovered in its Fingerprint Manager Pro software in a security advisory last week.
By Hyacinth Mascarenhas
Lenovo has disclosed a security vulnerability in some of its devices that could allow a malicious actor to bypass the fingerprint scanner.
The security flaw was discovered in its Fingerprint Manager Pro software — an application embedded in certain Lenovo products that allows users to easily log into their PC and authenticate configured websites using fingerprint recognition.
In a security advisory issued last week, the company warned that sensitive data stored by the software, including users’ Windows login credentials and fingerprint data, is encrypted using a weak algorithm. The fingerprint scanner also features a hard-coded password that is “accessible to all users with local non-administrative access to the system it is installed in”.
Read the rest on International Business Times here: https://www.ibtimes.co.uk/hackers-could-bypass-lenovos-fingerprint-scanner-using-hardcoded-password-are-you-affected-1657199
Read additional coverage here: