Language/Region

International Argentina Bangladesh Brazil Egypt Europe Hong Kong India Indonesia Ireland-Europe Japan Kenya Korea Latin America Malaysia Mexico Middle East Nigeria Philippines Peru Saudi Arabia South Africa Thailand Turkey USA Security USA T/A Vietnam West Africa Pakistan
Login
Register

Home> Support > Security Center > Security Bulletins >Notice Regarding Security Vulnerability in BioTime (Path Transversal Vulnerability)

Notice Regarding Security Vulnerability in BioTime (Path Transversal Vulnerability)

2025-05-12

Dear Valued Customers,

 

This notice is to inform you of a security vulnerability identified in BioTime 8.5.5 or earlier versions. It is essential to take the necessary actions to protect your systems for your attention to this matter.

 

1. Vulnerability Details

 

Vulnerability Number: CVE-2023-38950, CVE-2023-38951

Scope of Impact: BioTime V8.5.5 and earlier versions

Vulnerability Overview: A path traversal vulnerability exists. Successful exploitation may allow unauthorized access to system files, potentially leading to data leakage.

 

2. Vulnerability Solution

 

A. Mainstream version: This vulnerability has been addressed in ZKBioTime version 9.0.1 (20240617.19506). It is strongly recommended to update to the latest version.

B. Middle East version: This vulnerability has been addressed in ZKBioTime version 8.5.5.2944. It is strongly recommended to update to the latest version.

 

3. Contact Information

 

A. Please email xmtam@zkteco.com to obtain the patch package for the fixed version.

B. You may call the ZKTeco customer service hotline at 400-6900-999 to request the patch package for the repaired version.

C. You may also contact the ZKTeco branch in your region to obtain the patch package for the repaired version.


This website uses cookies to store information on your device, cookies can enhance your user experience and help our website work normally.
For more information, please read our Cookie Policy and Privacy Policy.

Accept