PT-2024-4480 · ZkTeco · ZkTeco ProFace X

Georgy Kiguradze · Published 2024-05-21 · Updated 2024-06-14 · CVE-2023-3941

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

ZkTeco ProFace X, versions prior to the fixed version
Smartec ST-FR043, versions prior to the fixed version
Smartec ST-FR041ME, versions prior to the fixed version
ZkTeco-based OEM devices, versions prior to the fixed version, including those with ZAM170-NF-1.8.25-7354-Ver1.0.0
Description

The issue is a Relative Path Traversal vulnerability in the Handler for User Photo Upload Command and Handler for Picture Upload Command components of ZkTeco-based OEM devices. An attacker can exploit it to write an arbitrary file anywhere on the system with root privileges, potentially allowing them to elevate their privileges and to read, modify, or delete data. The vulnerability affects devices that support advanced authentication methods such as facial recognition and QR-code scanning and that are deployed in high-security settings, including nuclear plants, hospitals, and offices.
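The root cause described above is the classic upload-handler mistake: a client-supplied file name is joined onto the storage directory and the result is trusted, so dot segments in the name resolve against the directory and the write lands wherever the (root) process can reach. The following Python is an added example written for this page, not code from the device firmware or from the vendor; the storage directory UPLOAD_ROOT, the allowed extensions and the function names are assumptions. It places the weak pattern next to a hardened version that allow-lists the name shape and then verifies containment of the normalized path, and it runs offline on constructed sample names.

```python
"""Added example: weak versus hardened file-name handling in a photo upload handler.

Not the device's code. UPLOAD_ROOT, ALLOWED_EXT and all names here are assumptions.
"""
import posixpath
import re
from pathlib import PurePosixPath

UPLOAD_ROOT = "/var/lib/device/user_photos"  # assumed storage location (constructed)
ALLOWED_EXT = {".jpg", ".jpeg", ".png"}       # assumed allow-list of image extensions
SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


class UnsafeUploadName(ValueError):
    """Raised when a client-supplied file name must not be used."""


def naive_upload_path(client_name: str, root: str = UPLOAD_ROOT) -> str:
    """The weak pattern behind a relative path traversal: trust the name, join, normalize.

    Dot segments in client_name are resolved against root, so the result can
    land anywhere the handler's (root) process is allowed to write.
    """
    return posixpath.normpath(posixpath.join(root, client_name))


def safe_upload_path(client_name: str, root: str = UPLOAD_ROOT) -> str:
    """Return the absolute path under root where client_name may be stored, or raise.

    Defence in depth: (1) allow-list the name shape so separators and dot
    segments never get in, (2) allow-list the extension, (3) after joining,
    confirm the normalized path is still inside root. Check 3 is the one a
    traversal bug is missing; checks 1 and 2 keep it from being the only line
    of defence. The extension is lowercased in the stored name.
    """
    if not client_name or "\x00" in client_name:
        raise UnsafeUploadName("empty name or NUL byte")
    p = PurePosixPath(client_name)
    # Any directory component ('/', a leading '/', a trailing '/') changes .name
    if p.name != client_name or "\\" in client_name:
        raise UnsafeUploadName("directory separators are not allowed")
    stem, ext = p.stem, p.suffix.lower()
    # '..' and '.' survive as the stem and fail the allow-list, as do dotted names
    if not SAFE_STEM.fullmatch(stem):
        raise UnsafeUploadName("file name contains characters outside the allow-list")
    if ext not in ALLOWED_EXT:
        raise UnsafeUploadName(f"extension {ext!r} is not permitted")
    root = posixpath.normpath(root)
    full = posixpath.normpath(posixpath.join(root, stem + ext))
    # Containment check: the longest common prefix must be root itself
    if posixpath.commonpath([root, full]) != root:
        raise UnsafeUploadName("resolved path escapes the upload root")
    return full


def is_safe_upload_name(client_name: str, root: str = UPLOAD_ROOT) -> bool:
    """Boolean convenience wrapper around safe_upload_path for logging or tests."""
    try:
        safe_upload_path(client_name, root)
        return True
    except UnsafeUploadName:
        return False


if __name__ == "__main__":
    # Constructed sample names a handler might receive; none come from the advisory
    samples = ["user_0042.jpg", "Photo.PNG", "../../tmp/dropped.jpg", "..",
               "sub/x.jpg", "x.sh", "a..b.jpg"]
    for name in samples:
        print(f"{name!r:26} naive -> {naive_upload_path(name)}")
        try:
            print(f"{'':26} safe  -> {safe_upload_path(name)}")
        except UnsafeUploadName as exc:
            print(f"{'':26} safe  -> rejected: {exc}")
```

The containment check uses posixpath.commonpath rather than a string prefix test, so a sibling directory whose name merely begins with the root's name is not mistaken for being inside it; normpath is used instead of realpath so the check works on pure strings without touching the filesystem, which also means symlinks inside the upload root need to be controlled separately.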
Recommendations

Update the following products to a version that includes a fix for this issue:

ZkTeco ProFace X
Smartec ST-FR043
Smartec ST-FR041ME
ZkTeco-based OEM devices, including those with ZAM170-NF-1.8.25-7354-Ver1.0.0

As a temporary workaround, consider restricting access to the vulnerable components until a patch is available.

Fix

Weakness Enumeration

Relative Path Traversal

Related Identifiers

BDU:2024-04983
CVE-2023-3941

Affected Products

Smartec ST-FR041ME
Smartec ST-FR043
ZkTeco ProFace X