CVE-2023-3943

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 21/05/2024 Updated: 21/05/2024

Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.

QR code SQL injection and other vulnerabilities in a popular biometric terminal

Securelist • Georgy Kiguradze • 11 Jun 2024

Biometric scanners offer a unique way to resolve the conflict between security and usability. They help to identify a person by their unique biological characteristics – a fairly reliable process that does not require the user to exert any extra effort. Yet, biometric scanners, as any other tech, have their weaknesses. This article touches on biometric scanner security from the red team’s perspective and uses the example of a popular hybrid terminal model to demonstrate approaches to scanner...

CVE-2023-3943

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect