CVE-2025-55279

This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the firmware of the targeted device. Successful exploitation of this vulnerability could allow the attacker to perform unauthorized decryption of sensitive data and Man-in-the-Middle (MitM) attacks on the targeted device.

CVSS

No CVSS.

References

Link	Resource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0172

Configurations

No configuration.

History

13 Aug 2025, 17:33

Type	Values Removed	Values Added
Summary		(es) Esta vulnerabilidad existe en ZKTeco WL20 debido a una clave privada codificada de forma rígida, almacenada en texto plano dentro del firmware del dispositivo. Un atacante con acceso físico podría explotar esta vulnerabilidad extrayendo el firmware y analizando los datos binarios para recuperar la clave privada almacenada en el firmware del dispositivo objetivo. La explotación exitosa de esta vulnerabilidad podría permitir al atacante realizar el descifrado no autorizado de datos confidenciales y ataques Man-in-the-Middle (MitM) en el dispositivo objetivo.

13 Aug 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-13 12:15

Updated : 2025-08-13 17:33

NVD link : CVE-2025-55279

Mitre link : CVE-2025-55279

CVE.ORG link : CVE-2025-55279

JSON object : View

Products Affected

No product.

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2025-55279", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "vdisclose@cert-in.org.in", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-13T12:15:26.907", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0172", "source": "vdisclose@cert-in.org.in"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "vdisclose@cert-in.org.in", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the firmware of the targeted device.\n\nSuccessful exploitation of this vulnerability could allow the attacker to perform unauthorized decryption of sensitive data and Man-in-the-Middle (MitM) attacks on the targeted device."}, {"lang": "es", "value": "Esta vulnerabilidad existe en ZKTeco WL20 debido a una clave privada codificada de forma r\u00edgida, almacenada en texto plano dentro del firmware del dispositivo. Un atacante con acceso f\u00edsico podr\u00eda explotar esta vulnerabilidad extrayendo el firmware y analizando los datos binarios para recuperar la clave privada almacenada en el firmware del dispositivo objetivo. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir al atacante realizar el descifrado no autorizado de datos confidenciales y ataques Man-in-the-Middle (MitM) en el dispositivo objetivo."}], "lastModified": "2025-08-13T17:33:46.673", "sourceIdentifier": "vdisclose@cert-in.org.in"}