Information Disclosure
Source: HP, HP Product Security Response Team (PSRT)
Reported By: Synaptics®
Synaptics has notified HP of a potential security vulnerability in certain versions of VFS75xx Fingerprint Sensors equipped with external flash, which may allow a local administrator or physical attacker to compromise the confidentiality of the fingerprint sensor’s data.
The Synaptics Security Brief for this vulnerability can be found on the Synaptics product page for Fingerprint Sensors at <https://www.synaptics.com/products/biometrics>[__](<https://www.synaptics.com/products/biometrics> “External site.” ) (in English).
Synaptics has released updates to mitigate the potential vulnerability. HP has identified platforms with affected devices and target versions for SoftPaqs. See the affected platforms listed below.