CVE-2025-15128

MEDIUM

ZKTeco BioTime <9.0.3/9.0.4/9.5.2 - Info Disclosure

Title source: llm

Description

A vulnerability was identified in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. It affects an unidentified part of the file /base/safe_setting/ in the Endpoint component. Manipulating the backup_encryption_password_decrypt or export_encryption_password_decrypt parameter leads to unprotected storage of credentials (CWE-256). The vector is network-reachable with no privileges or user interaction required (AV:N/PR:N/UI:N), and the impact is limited to confidentiality (C:L/I:N/A:N). A public exploit exists and may be used. Upgrading to version 9.0.6 resolves the issue; note that the 9.5.x line is handled through vendor support rather than a public release. The vendor confirms: "The mainstream version ZKBioTime V9.0.6 has fixed this vulnerability. Please update to the latest version as soon as possible. For the Middle East version BioTime 9.5.X, you can contact the local technical support to obtain the fix package."
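The advisory gives only the endpoint path and the two parameter names, so the most useful thing a defender can do from this page is watch for requests to that path carrying those parameters and triage installed versions against the vendor statement. The following is an added example, not code from the page, VulDB, or ZKTeco: the access-log parser, the sample log lines (RFC 5737 test addresses, constructed here) and the version-classification rule are all this editor's assumptions, with the path and parameter names taken from the description above.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Endpoint and parameter names exactly as named in the CVE-2025-15128 description.
VULN_PATH = "/base/safe_setting/"
VULN_PARAMS = frozenset({
    "backup_encryption_password_decrypt",
    "export_encryption_password_decrypt",
})

# Minimal parser for Apache/nginx "combined" access-log lines (an assumption about
# the log format in front of BioTime; adjust the pattern for other formats).
_LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample traffic: synthetic addresses and timestamps, not real logs.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Jan/2026:10:15:01 +0000] "GET /base/safe_setting/?backup_encryption_password_decrypt=1 HTTP/1.1" 200 512 "-" "python-requests/2.31"
198.51.100.3 - - [02/Jan/2026:10:15:03 +0000] "GET /base/safe_setting/ HTTP/1.1" 200 1800 "-" "Mozilla/5.0"
203.0.113.7 - - [02/Jan/2026:10:15:05 +0000] "POST /base/safe_setting/ HTTP/1.1" 200 96 "-" "python-requests/2.31"
192.0.2.9 - - [02/Jan/2026:10:15:09 +0000] "GET /base/safe_setting/?export_encryption_password_decrypt=x HTTP/1.1" 403 12 "-" "curl/8.4"
192.0.2.9 - - [02/Jan/2026:10:16:00 +0000] "GET /static/app.js HTTP/1.1" 200 4000 "-" "curl/8.4"
"""


def find_safe_setting_probes(lines):
    """Return one dict per request that touches the vulnerable endpoint.

    GET query strings are visible in an access log, so those are matched against
    VULN_PARAMS directly. A POST body is not logged, so any POST to the endpoint
    is reported with params=None for manual review rather than silently dropped.
    Plain GETs without the decrypt parameters (normal admin browsing) are ignored.
    """
    hits = []
    for line in lines:
        m = _LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        if parts.path != VULN_PATH:
            continue
        params = set(parse_qs(parts.query, keep_blank_values=True))
        matched = sorted(params & VULN_PARAMS)
        if matched or m["method"] == "POST":
            hits.append({
                "src": m["src"],
                "ts": m["ts"],
                "method": m["method"],
                "params": matched or None,
                "status": int(m["status"]),
                # A 2xx means the server answered the probe; a 403/401 means a
                # front-end control blocked it, which is still worth recording.
                "served": m["status"].startswith("2"),
            })
    return hits


def affected_status(version):
    """Classify a BioTime version string per the vendor statement in the description.

    Returns "affected", "fixed" or "unknown". Mainstream 9.0.x below 9.0.6 is
    affected and fixed by upgrading; 9.5.0 through 9.5.2 (Middle East line) is
    affected and needs the vendor's fix package; anything else is outside what
    this advisory lists and is reported as unknown rather than guessed.
    """
    try:
        major, minor, patch = (int(x) for x in version.strip().split("."))
    except ValueError:
        return "unknown"
    if (major, minor) == (9, 0):
        return "affected" if patch < 6 else "fixed"
    if (major, minor) == (9, 5):
        return "affected" if patch <= 2 else "unknown"
    return "unknown"


if __name__ == "__main__":
    for hit in find_safe_setting_probes(SAMPLE_LOG.splitlines()):
        print(hit)
    for v in ("9.0.3", "9.0.6", "9.5.2", "9.5.3"):
        print(v, affected_status(v))
```

Run against real logs by feeding the file's lines to find_safe_setting_probes; a served GET carrying either decrypt parameter from an address that has no authenticated session is the signal to investigate, since the advisory's vector requires no privileges.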

References (9)

VDB-338506 | ZKTeco BioTime Endpoint safe_setting credentials storage (VDB entry, technical description)
https://vuldb.com/vuln/338506

VDB-338506 | CTI Indicators (IOB, IOC, TTP, IOA) (signature; permissions required)
https://vuldb.com/vuln/338506/cti

CVE-2025-15128 | CVE Analysis and Report (third-party advisory)
https://vuldb.com/cve/CVE-2025-15128

Submit #711813 | ZkBioTime CMS 9.0.3, 9.0.4, 9.5.2 IDOR (third-party advisory)
https://vuldb.com/submit/711813

VDB entry, technical description (permissions required)
https://vuldb.com/?id.338506

Signature (permissions required)
https://vuldb.com/?ctiid.338506

Third-party advisory (permissions required)
https://vuldb.com/?submit.711813

Scores

CVSS v3.1 base score 5.3 (Medium)
EPSS 0.0027 (percentile 18.7%)
Attack Vector NETWORK
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-255 Credentials Management Errors; CWE-256 Unprotected Storage of Credentials
Status published
Products (9)
ZKTeco/BioTime 9.0.0
ZKTeco/BioTime 9.0.1
ZKTeco/BioTime 9.0.2
ZKTeco/BioTime 9.0.3
ZKTeco/BioTime 9.0.4
ZKTeco/BioTime 9.0.6
ZKTeco/BioTime 9.5.0
ZKTeco/BioTime 9.5.1
ZKTeco/BioTime 9.5.2
Published Dec 28, 2025
Tracked Since Feb 18, 2026