Kaspersky finds critical vulnerabilities in ZKTeco biometric access control terminal

Kaspersky says there is a set of cybersecurity vulnerabilities in biometric access control terminals from ZKTeco that could allow malicious actors to bypass verification to gain unauthorized access, steal biometric data, and even deploy backdoors to user networks.

The hybrid biometric terminal is a white-label product sold under different names by different distributors, according to Kaspersky’s announcement. It enables access control via authentication with face biometrics or QR codes. They are used in many environments, Kaspersky says, including high-security …

access access control backdoors biometric biometric data biometric r&d biometrics biometrics news bypass control critical critical vulnerabilities cybersecurity cybersecurity vulnerabilities data deploy face biometrics hybrid injection attacks kaspersky kaspersky lab malicious malicious actors names networks product steal terminal unauthorized unauthorized access under verification vulnerabilities zkteco