ZKSecurity Bio v4.1.3 is a platform of physical security (access control, elevator, guest management, patrol and parking management). This version is vulnerable to a SQL injection, allowing an attacker to obtain a Remote Code Execution.
The Stormshield Customer Security Lab team has deployed a SNS protection signature, to detect and block any exploitation of this vulnerability :
| ID | Name |
| ssl:server:certificate.2 | Injection attempt in ZK Bio Security (CVE-2022–36635) |