Vulnerability in Zkteco Co Wl20 Biometric Attendance System
CVE-2025-55279
This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary da…
EPSS: 0.002 (5.8th percentile) — read the EPSS interpretation.
Affected products
- Zkteco Co Wl20 Biometric Attendance System — versions <=ZLM31-FXO1-3.1.8
Weakness classification (CWE)
References
- vdisclose@cert-in.org.in (third-party-advisory)