Vulnerability in Zkteco Co Wl20 Biometric Attendance System
CVE-2025-54464
This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engin…
EPSS: 0.001 (0.3th percentile) — read the EPSS interpretation.
Affected products
- Zkteco Co Wl20 Biometric Attendance System — versions <=ZLM31-FXO1-3.1.8
Weakness classification (CWE)
References
- vdisclose@cert-in.org.in (third-party-advisory)
- vdisclose@cert-in.org.in (vendor-advisory)