I found that there is an override method to the normal Field Level Security implementation in the Infor CRM web client that will override the normal team/user based field level security for a record.
The Field Level security is implemented in the class Sage.SalesLogix.Security.FieldLevelSecurityService.
Within that class there is an override method AccessForPropertyBoeOverride.
One of the results of that is if you have a value in CONTACT.ERPEXTID and there is a value in CONTACT.SYNCSTATUS of either “AWAITINGBACK” or “PUBLISHED” and you have a Bod mapping of Out or Both, then the contact will have all of the standard fields return a field level result of read-only, despite what the real field security profiles are defined.
The fields affected are contained in the BOE field mappings so I would imagine those would vary based on what kind of integrations you have going on.