CVE-2024-13966

ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://krashconsulting.com/fury-of-fingers-biotime-rce/
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-148-01.json
https://www.cve.org/CVERecord?id=CVE-2024-13966
https://zkteco-store.ru/wp-content/uploads/2023/09/ZKBio-CVSecurity-6.0.0-User-Manual_EN-v1.0_20230616.pdf

Configurations

No configuration.

History

28 May 2025, 19:15

Type	Values Removed	Values Added
References		() https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-148-01.json - () https://www.cve.org/CVERecord?id=CVE-2024-13966 -

28 May 2025, 15:01

Type	Values Removed	Values Added
Summary		(es) ZKTeco BioTime permite a atacantes no autenticados enumerar nombres de usuario e iniciar sesión como cualquier usuario con una contraseña que no sea la predeterminada "123456". Los usuarios deben cambiar sus contraseñas (ubicadas en la pestaña "Configuración de Asistencia" como "Contraseña propia").

27 May 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-27 19:15

Updated : 2025-05-28 19:15

NVD link : CVE-2024-13966

Mitre link : CVE-2024-13966

CVE.ORG link : CVE-2024-13966

JSON object : View

Products Affected

No product.

CWE

CWE-1393

Use of Default Password

{"id": "CVE-2024-13966", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-05-27T19:15:24.727", "references": [{"url": "https://krashconsulting.com/fury-of-fingers-biotime-rce/", "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-148-01.json", "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2024-13966", "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://zkteco-store.ru/wp-content/uploads/2023/09/ZKBio-CVSecurity-6.0.0-User-Manual_EN-v1.0_20230616.pdf", "source": "9119a7d8-5eab-497f-8521-727c672e3725"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "description": [{"lang": "en", "value": "CWE-1393"}]}], "descriptions": [{"lang": "en", "value": "ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users should change their passwords (located under the Attendance Settings tab as \"Self-Password\")."}, {"lang": "es", "value": "ZKTeco BioTime permite a atacantes no autenticados enumerar nombres de usuario e iniciar sesi\u00f3n como cualquier usuario con una contrase\u00f1a que no sea la predeterminada \"123456\". Los usuarios deben cambiar sus contrase\u00f1as (ubicadas en la pesta\u00f1a \"Configuraci\u00f3n de Asistencia\" como \"Contrase\u00f1a propia\")."}], "lastModified": "2025-05-28T19:15:35.940", "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725"}