Zkteco: >> Facedepot 7b Firmware Security Vulnerabilities
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.
CVSS Score
5.9
EPSS Score
0.002
Published
2020-08-14
A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-08-14