CVE-2023-38952 — HIGH (7.5)

Vulnerability Description

Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not enforced and any authenticated user can leverage admin functions without restriction by making direct requests to administrative endpoints.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Zkteco	Biotime	8.5.5

Related Weaknesses (CWE)

CWE-552

References

http://zkteco.comProduct
https://claroty.com/team82/disclosure-dashboard/cve-2023-38952Third Party Advisory
https://github.com/omair2084/biotime-rce-8.5.5/blob/main/biotime_enum.py
https://krashconsulting.com/fury-of-fingers-biotime-rce/
http://zkteco.comProduct
https://claroty.com/team82/disclosure-dashboard/cve-2023-38952Third Party Advisory
https://sploitus.com/exploit?id=PACKETSTORM:177859

FAQ

What is CVE-2023-38952?

CVE-2023-38952 is a vulnerability with a CVSS score of 7.5 (HIGH). Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing th...

How severe is CVE-2023-38952?

CVE-2023-38952 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-38952?

Check the references section above for vendor advisories and patch information. Affected products include: Zkteco Biotime.