Known exploited
ZKTeco
CVE published 2025-05-19
CVE-2023-38950
CVE-2023-38950 is a path traversal vulnerability affecting ZKTeco BioTime and is listed by CISA in the Known Exploited Vulnerabilities (KEV) catalog. CISA’s KEV entry shows it was added on 2025-05-19 and sets a remediation due date of 2025-06-09. Because it is a known-exploited issue, organizations using BioTime should treat it as a high-priority remediation item and follow vendor guidance or remove the p [truncated]