Machine-generated analysis · WAYSCloud LLM
An undocumented, unauthenticated configuration export port on affected ZKTeco cameras can expose camera account credentials and service information.
Context
ZKTeco CCTV Cameras are surveillance devices used in commercial facilities, according to the advisory. The vulnerability allows unauthenticated network access to a configuration export port, leading to disclosure of credentials and system information. This issue affects the SSC335-GC2063-Face-0b77 Solution model prior to firmware version V5.0.1.2.20260421. The vendor has released a firmware update to address the issue.
Operator considerations
Check: Inventory ZKTeco SSC335-GC2063-Face-0b77 Solution cameras for firmware versions earlier than V5.0.1.2.20260421.
Patch: Upgrade to firmware version V5.0.1.2.20260421 or later as recommended by ZKTeco.
Log: Monitor network traffic for unauthorized access to configuration export ports on affected cameras.
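The inventory check above can be scripted against an asset list. The following Python is an added example, not code from the advisory or from ZKTeco; the CSV columns (host, model, firmware), the sample rows, and the assumption that firmware strings compare numerically field by field are all constructed for illustration.

```python
import csv
import io
import re

AFFECTED_MODEL = "SSC335-GC2063-Face-0b77"   # model named in the advisory
FIXED_VERSION = "V5.0.1.2.20260421"          # first fixed firmware per the advisory

def parse_version(text):
    """Turn 'V5.0.1.2.20260421' into (5, 0, 1, 2, 20260421); None if malformed."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def triage(inventory_csv):
    """Return {host: status} for rows whose model matches the affected one.

    status is 'vulnerable', 'patched', or 'unknown' (firmware string could not
    be parsed, so the device needs a manual check rather than a silent pass).
    Assumption: dotted fields are ordered numerically, left to right.
    """
    fixed = parse_version(FIXED_VERSION)
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if AFFECTED_MODEL.lower() not in row["model"].lower():
            continue  # other models are outside this advisory's scope
        version = parse_version(row["firmware"])
        if version is None:
            results[row["host"]] = "unknown"
        elif version < fixed:
            results[row["host"]] = "vulnerable"
        else:
            results[row["host"]] = "patched"
    return results

# Constructed sample inventory (hosts use the RFC 5737 documentation range).
SAMPLE = """host,model,firmware
192.0.2.10,SSC335-GC2063-Face-0b77 Solution,V5.0.1.2.20250110
192.0.2.11,SSC335-GC2063-Face-0b77 Solution,V5.0.1.2.20260421
192.0.2.12,SSC335-GC2063-Face-0b77 Solution,v5.0.1.3.20260502
192.0.2.13,SSC335-GC2063-Face-0b77 Solution,
192.0.2.14,Example-Other-Model,V1.0.0
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}\t{status}")
```

Devices reported as unknown should be checked by hand and treated as unpatched until their firmware version is confirmed.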
Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials.
The following versions of ZKTeco CCTV Cameras are affected:
SSC335-GC2063-Face-0b77 Solution
Vendor: ZKTeco
Equipment: ZKTeco CCTV Cameras
Vulnerability: Authentication Bypass Using an Alternate Path or Channel
Critical Infrastructure Sectors: Commercial Facilities
Countries/Areas Deployed: Worldwide
Company Headquarters Location: China
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials.
Read the full advisory on CISA →