Vulnerability in Zkteco Co Wl20 Biometric Attendance System

CVE-2025-54465

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and anal…

EPSS: 0.002 (7.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References