What is CVE-2026-8598?

CVE-2026-8598 is a critical-severity vulnerability in Zkteco Ssc335-gc2063-face-0b77 Solution Camera, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 9.1/10. Published 2026-05-20.

How severe is CVE-2026-8598?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Zkteco Ssc335-gc2063-face-0b77 Solution Camera

CVE-2026-8598

An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credenti…

EPSS: 0.001 (23.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Zkteco Ssc335-gc2063-face-0b77 Solution Camera — versions 0, V5.0.1.2.20260421

Weakness classification (CWE)

CWE-288 — Authentication Bypass Using an Alternate Path or Channel

References

Frequently asked questions

What is CVE-2026-8598?: CVE-2026-8598 is a critical-severity vulnerability in Zkteco Ssc335-gc2063-face-0b77 Solution Camera, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 9.1/10. Published 2026-05-20.
How severe is CVE-2026-8598?: Critical severity. CVSS v3 base score is 9.1 out of 10.