CVE-2024-13966 – ZKTeco BioTime Default Password Authentication Bypass

CVE ID : CVE-2024-13966

Published : May 27, 2025, 7:15 p.m. | 21 minutes ago

Description : ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value ‘123456’. Users should change their passwords (located under the Attendance Settings tab as “Self-Password”).

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…