CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13455

A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.1%

CVSS Severity

CVSS v3 Score 7.8

References

https://iknow.lenovo.com.cn/detail/436983

Products affected by CVE-2025-13455

Lenovo » Thinkplus Fu100 » Version: gen1

cpe:2.3:h:lenovo:thinkplus_fu100:gen1
Lenovo » Thinkplus Fu200 » Version: gen1

cpe:2.3:h:lenovo:thinkplus_fu200:gen1
Lenovo » Thinkplus Tsd303 » Version: gen1

cpe:2.3:h:lenovo:thinkplus_tsd303:gen1
Lenovo » Thinkplus Tu800 » Version: gen1

cpe:2.3:h:lenovo:thinkplus_tu800:gen1
Lenovo » Thinkplus Fu100 Firmware » Version: N/A

cpe:2.3:o:lenovo:thinkplus_fu100_firmware:-
Lenovo » Thinkplus Fu200 Firmware » Version: N/A

cpe:2.3:o:lenovo:thinkplus_fu200_firmware:-
Lenovo » Thinkplus Tsd303 Firmware » Version: N/A

cpe:2.3:o:lenovo:thinkplus_tsd303_firmware:-
Lenovo » Thinkplus Tu800 Firmware » Version: N/A

cpe:2.3:o:lenovo:thinkplus_tu800_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13455

Products

Pricing

Contact Us