Vulnerability in Zkteco Co Wl20 Biometric Attendance System
CVE-2025-55280
This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data and system data in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the f…
EPSS: 0.001 (2.4th percentile) — read the EPSS interpretation.
Affected products
- Zkteco Co Wl20 Biometric Attendance System — versions <=ZLM31-FXO1-3.1.8
Weakness classification (CWE)
References
- vdisclose@cert-in.org.in (third-party-advisory)