Language/Region

International Argentina Bangladesh Brazil Egypt Europe Hong Kong India Indonesia Ireland-Europe Japan Kenya Korea Latin America Malaysia Mexico Middle East Nigeria Philippines Peru Saudi Arabia South Africa Thailand Turkey USA Security USA T/A Vietnam West Africa Pakistan
Login
Register

Home> Support > Security Center > Security Bulletins >Notice Regarding Security Vulnerability in BioTime (Access Control Security Vulnerability)

Notice Regarding Security Vulnerability in BioTime (Access Control Security Vulnerability)

2025-05-12

Vulnerability Details

 

Vulnerability Number: CVE-2023-38952

Scope of Impact: BioTime v8.5.5 and earlier

Vulnerability Overview: Insecure access controls exist, allowing HTTP requests to read sensitive backup files and access confidential information, including user credentials.

 

Vulnerability Solution

 

A. This vulnerability has been addressed in ZKBioTime version 9.0.1 (20240617.19506). It is strongly recommended to update to the latest version. The installation package can be downloaded from the official website.

 

Contact Information

 

A. Please email xmtam@zkteco.com to obtain the patch package for the fixed version.

B. You may call the ZKTeco customer service hotline at 400-6900-999 to request the patch package for the repaired version.

C. You may also contact the ZKTeco branch in your region to obtain the patch package for the repaired version.


This website uses cookies to store information on your device, cookies can enhance your user experience and help our website work normally.
For more information, please read our Cookie Policy and Privacy Policy.

Accept