Known Vulnerabilities for products from Zkteco
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Zkteco".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Zkteco can be found at device.report : Zkteco
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-39434 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-12-06 | 2022-12-08 |
| CVE-2020-17474 | A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to crea... | 9.8 - CRITICAL | 2020-08-14 | 2020-08-21 |
| CVE-2020-17473 | Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to ob... | 5.9 - MEDIUM | 2020-08-14 | 2020-08-21 |
| CVE-2017-17057 | There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of ... | 6.1 - MEDIUM | 2017-12-04 | 2017-12-21 |
| CVE-2017-17056 | The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'passw... | 8.8 - HIGH | 2017-12-04 | 2017-12-20 |
| CVE-2017-14680 | ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF do... | 7.5 - HIGH | 2017-09-21 | 2017-10-03 |
| CVE-2017-13129 | Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack ... | 8 - HIGH | 2017-09-26 | 2017-10-03 |
Known software with vulnerabilities from Zkteco
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Zkteco | Facedepot 7b | - |
| Operating System | Zkteco | Facedepot 7b Firmware | 1.0.213 |
| Application | Zkteco | Zkbiosecurity Server | 1.0.0_20190723 |
| Application | Zkteco | Zktime Web | 2.0.1.12280 |