K-ZkTeco-2023-003.md

---

Kaspersky Advisory

(K-ZkTeco-2023-003) Multiple arbitrary file reads in ZkTeco-based OEM devices

---

Affected Hardware/Software

ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others

Severity level

Impact: The described vulnerabilities allow you to access any file on the system.

Access Vector: Remote

CVSS v3 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v3 Score

7.5

CVE ID

CVE-2023-3940

Vulnerability description

A vulnerability was discovered in a software component that permits arbitrary file reading. This flaw allows an attacker to specify file paths that bypass security checks, enabling unauthorized access to any file on the system, including sensitive user data and system settings. The vulnerability is exacerbated when processed with superuser privileges, increasing the risk of severe data exposure.

Remediation

Apply patch from vendor when it will be available for your device.

Acknowledgements

Vulnerability was discovered by Georgy Kiguradze from Kaspersky.

Reference

https://github.com/klsecservices/Publications/blob/master/QR_code_SQL_injection_and_other_vulnerabilities_in_a_popular_biometric_terminal_EN.pdf