Vulnerable Biometric Systems: Threats to Security and Infrastructure
Published Date: 17/06/2024
New research reveals 24 critical vulnerabilities in Chinese biometric readers, including face recognition and QR-code authentication, putting sensitive data and physical security at risk.
Biometric systems have become an essential part of modern security infrastructure, used in various sectors such as nuclear and chemical plants, offices, and hospitals. However, recent research has uncovered a disturbing reality - these systems are vulnerable to malicious attacks.
Cybersecurity experts at Kaspersky Lab have identified 24 critical vulnerabilities in biometric access systems manufactured by ZKTeco, a major Chinese provider. These vulnerabilities include six SQL injection vulnerabilities, seven stack buffer overflow vulnerabilities, five command injection vulnerabilities, four arbitrary file write vulnerabilities, and two arbitrary file read vulnerabilities.
One of the most dangerous vulnerabilities, CVE-2023-3938, allows cybercriminals to inject malicious code into a terminal's database via QR code, allowing unauthorized access to restricted areas. Another vulnerability, CVE-2023-3940, allows arbitrary file reading, letting attackers access sensitive biometric user data and password hashes, compromising corporate credentials.
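The QR-code injection described above comes down to decoded QR text being treated as part of a SQL statement. The following is an added illustration, not ZKTeco's code or anything from the research: the table, the badge-code format and the function names are assumptions made up for the example. It contrasts the flawed lookup with a hardened one that validates the payload, uses a parameterized query, and records rejected scans for monitoring.

```python
import re
import sqlite3

# Constructed schema and rows; the page does not describe the terminal's real database.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE badges (code TEXT PRIMARY KEY, holder TEXT, active INTEGER)")
    db.executemany("INSERT INTO badges VALUES (?, ?, ?)",
                   [("A1B2C3D4", "alice", 1), ("0F0F0F0F", "bob", 0)])
    return db

def lookup_unsafe(db, qr_text):
    """Flawed pattern: decoded QR text is concatenated into the SQL statement."""
    sql = "SELECT holder FROM badges WHERE active = 1 AND code = '" + qr_text + "'"
    row = db.execute(sql).fetchone()
    return row[0] if row else None

BADGE_FORMAT = re.compile(r"[0-9A-F]{8}")  # assumed badge-code format

def lookup_safe(db, qr_text, rejected):
    """Hardened pattern: strict format check, then a parameterized query.

    Scans that fail the format check are appended to `rejected` so they can be
    forwarded to monitoring instead of being silently dropped.
    """
    if not BADGE_FORMAT.fullmatch(qr_text):
        rejected.append(qr_text[:64])  # truncate before it reaches a log
        return None
    row = db.execute("SELECT holder FROM badges WHERE active = 1 AND code = ?",
                     (qr_text,)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db, rejected = make_db(), []
    crafted = "' OR '1'='1"  # constructed textbook payload, not taken from the research
    print("unsafe lookup:", lookup_unsafe(db, crafted))
    print("safe lookup:  ", lookup_safe(db, crafted, rejected), "rejected:", rejected)
```

A burst of entries in the rejected list from one reader is a useful alert condition, since legitimate badges never fail the format check.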
The vulnerabilities were proactively shared with the manufacturer before public disclosure, and patches are awaited. Until a patch becomes available, organizations must identify and isolate vulnerable systems, implement multi-factor authentication, conduct regular security audits, update firmware, and temporarily remove vulnerable ZKTeco systems.
The vulnerabilities raise concerns about the potential for deepfake and social engineering attacks, which can be used to manipulate biometric data and gain unauthorized access to restricted areas.
Q: What is the impact of these vulnerabilities on national security and corporate infrastructure?
A: These vulnerabilities put sensitive data and physical security at risk, potentially compromising national security and corporate infrastructure.
Q: How can organizations protect themselves from these vulnerabilities?
A: Organizations must identify and isolate vulnerable systems, implement multi-factor authentication, conduct regular security audits, update firmware, and temporarily remove vulnerable ZKTeco systems.
Q: What is the extent of the vulnerabilities identified by Kaspersky Lab?
A: The vulnerabilities include six SQL injection vulnerabilities, seven stack buffer overflow vulnerabilities, five command injection vulnerabilities, four arbitrary file write vulnerabilities, and two arbitrary file read vulnerabilities.
Q: How were the vulnerabilities identified?
A: The vulnerabilities were identified by Kaspersky Security Assessment experts.
Q: What is the potential for deepfake and social engineering attacks?
A: The vulnerabilities raise concerns about the potential for deepfake and social engineering attacks, which can be used to manipulate biometric data and gain unauthorized access to restricted areas.