Language/Region

International Argentina Bangladesh Brazil Egypt Europe Hong Kong India Indonesia Ireland-Europe Japan Kenya Korea Latin America Malaysia Mexico Middle East Nigeria Philippines Peru Saudi Arabia South Africa Thailand Turkey USA Security USA T/A Vietnam West Africa Pakistan
Login
Register

Home> Support > Security Center > Security Bulletins >Security Vulnerability Notice: ZKBioMedia by ZKTECO CO., LTD.

Security Vulnerability Notice: ZKBioMedia by ZKTECO CO., LTD.

2025-05-28

I. Vulnerability Details

· Vulnerability ID: CVE-2024-2318

· Affected Versions: ZKBioMedia versions prior to 2.1.2_x64_2024-01-29-1028.

· Overview:
A path traversal vulnerability has been identified in the affected versions of ZKBioMedia. Successful exploitation of this vulnerability could result in unauthorized data access and potential data leakage.


II. Mitigation Measures

To address this vulnerability, please follow these recommended steps:


1. Upgrade Software:
Update ZKBioMedia to version V2.1.3 (Build: 2025-05-26-1605), which includes the necessary fixes for this issue.

2. Enhanced Security Measures:
Before upgrading, ensure your systems are adequately protected by implementing the following measures:

· Close all unnecessary ports.

· Restrict access permissions as much as possible.

· Apply additional security configurations to strengthen your system’s defenses.

3. Data Backup:
Perform a full backup of all system data prior to upgrading or conducting maintenance activities. This precaution will help prevent any potential data loss.


III. Contact Information

For further assistance and to obtain the patched version, please use the following contact options:

· Email: Support@zkdigimax.com

· Local Branch Offices: Contact your nearest ZKTECO branch office to request the patched version.

 


This website uses cookies to store information on your device, cookies can enhance your user experience and help our website work normally.
For more information, please read our Cookie Policy and Privacy Policy.

Accept