2025-05-27 18:35:31
cisa-cg
PUBLISHED
ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value 123456. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").