Technology

24 bugs in Chinese biometric device can compromise data

Published On Tue, 11 Jun 2024
Asian Horizan Network
0 Views
media
media
Share
thumbnail
New Delhi, June 11 (AHN) Researchers have identified 24 vulnerabilities in the hybrid biometric terminal produced by Chinese manufacturer ZKTeco.
According to the cybersecurity company Kaspersky, by adding random user data to the database or using a fake QR code, a threat actor can easily bypass the verification process and gain unauthorised access. Attackers can also steal and leak biometric data, remotely manipulate devices, and deploy backdoors.
High-security facilities worldwide are at risk if they use this vulnerable device, researchers warned. "In addition to replacing the QR code, there is another intriguing physical attack vector. If someone with malicious intent gains access to the device’s database, they can exploit other vulnerabilities to download a legitimate user’s photo, print it, and use it to deceive the device’s camera to gain access to a secured area," said Georgy Kiguradze, Senior Application Security Specialist at Kaspersky.
As per the researchers, the biometric readers in question are widely used in areas across diverse sectors such as nuclear or chemical plants to offices and hospitals. These devices support face recognition and QR-code authentication, along with the capacity to store thousands of facial templates.
All findings were proactively shared with the manufacturer before public disclosure, the researchers mentioned. "All the factors underscore the urgency of patching these vulnerabilities and thoroughly auditing the device's security settings for those using the devices in corporate areas,” said Kiguradze.
Related News
/
Asian Horizan Network
Patna, June 17 (AHN) Four juvenile inmates, who are accused of serious crimes like murder and rape, ...
Asia In News
Mon, 17 Jun 2024
/
Asian Horizan Network
Kolkata, June 17 (AHN) Following the tragic train mishap in West Bengal's Darjeeling district on Mon...
World
Mon, 17 Jun 2024
/
Asian Horizan Network
San Francisco, June 17 (AHN) The US government on Monday sued software giant Adobe for allegedly hid...
Technology
Mon, 17 Jun 2024
/
Asian Horizan Network
New Delhi/Imphal, June 17 (AHN) Union Home Minister Amit Shah on Monday stressed the strategic deplo...
Military
Mon, 17 Jun 2024
/
Asian Horizan Network
Bengaluru, June 17 (AHN) The in-form Gaurika Bishnoi, who won the seventh leg with a dramatic finish...
Sports
Mon, 17 Jun 2024