CVE-2022-42953

high-risk

Published 2022-12-25

Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210).

Do I need to act?

10.9% chance of exploitation in next 30 days

EPSS score — higher than 89% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

51112

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (10)

Zmm200 Firmware

Zmm210 Firmware

Zmm220 Firmware

Zem720 Firmware

Zem600 Firmware

Zem800 Firmware

Zem510 Firmware

Zem560 Firmware

Zem760 Firmware

Zem500 Firmware

Affected Vendors

Zkteco

References (4)

Exploit https://seclists.org/fulldisclosure/2022/Oct/23

Exploit https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerabi...

Exploit https://seclists.org/fulldisclosure/2022/Oct/23

Exploit https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerabi...

/ 100

high-risk

Severity 26/34 · High

Exploitability 11/34 · Low

Exposure 16/34 · Moderate