JAKARTA - Kaspersky managed to find a vulnerability in ZKTeco's hybrid biometric terminal, which allows attackers to enter certain data into QR codes used to access restricted areas.
If a fake QR code contains excessive amounts of malicious data, instead of granting access, the device will restart. Worse, criminals can exploit the vulnerability to download user photos, print them, and use them to scam device cameras into getting access to secure areas.
In addition, Kaspersky also found vulnerabilities that allow criminals to access to any files in the system and allow them to extract them. Then use them to steal sensitive biometrics and hash passwords.
However, at the time the vulnerability information was published, Kaspersky did not have any accessible data regarding whether the patch had been published.
SEE ALSO:
-
| TEKNOLOGI
Lebih dari 90 Persen Karyawan di Indonesia Sudah Menggunakan AI Generatif
13 Juni 2024, 11:30
To thwart the associated cyberattack, apart from installing the patch, Kaspersky suggested taking the following steps:
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
Most Popular Tags
#Prabowo Subianto #golkar #Pilkada Dki #online gambling #Mount Lewotobi malePopular
