Suprema BioStar 2 Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Suprema BioStar 2 (Server) versions 2.9.8, 2.9.10, and 2.9.11. The vulnerability allows an unauthenticated remote attacker to cause a service disruption by sending HTTP POST requests to the '/api/migration' endpoint. This action triggers an unhandled exception that halts critical processes, leaving the system offline until manually restarted. The disruption causes access control readers to fail and may impact third-party integrations.

Impact

Exploitation of this vulnerability leads to a significant denial-of-service condition, causing the system to go offline and disrupting access control functions and potentially third-party integrations.

Remediation

Users are advised to update to the latest available version of Suprema BioStar 2.
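Until the update is applied, request logs can show whether the endpoint is being hit. The following is an added example, not part of the original advisory or vendor code: it flags POST requests to '/api/migration' and checks a version string against the affected list. The combined log format, the sample lines, and all function names are assumptions made for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote, urlsplit

# Versions the advisory lists as affected.
AFFECTED_VERSIONS = {"2.9.8", "2.9.10", "2.9.11"}

# Assumption: requests are logged in combined log format (e.g. by a reverse proxy).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample lines, not real traffic.
SAMPLE_LOG = """\
198.51.100.23 - - [29/May/2026:13:02:11 +0000] "POST /api/migration HTTP/1.1" 500 0 "-" "curl/8.5.0"
192.0.2.10 - - [29/May/2026:13:02:15 +0000] "GET /favicon.ico HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.23 - - [29/May/2026:13:05:40 +0000] "POST /api/Migration/?x=1 HTTP/1.1" 502 0 "-" "curl/8.5.0"
192.0.2.10 - - [29/May/2026:13:06:02 +0000] "GET /api/migration HTTP/1.1" 404 0 "-" "Mozilla/5.0"
203.0.113.7 - - [29/May/2026:13:07:00 +0000] "POST /api/migrations HTTP/1.1" 404 0 "-" "-"
"""

def is_affected(version):
    """True if the installed server version is one the advisory names."""
    return version.strip() in AFFECTED_VERSIONS

def is_migration_post(method, target):
    """Match POSTs to /api/migration. Deliberately broad: ignores the query
    string, percent-encoding, letter case and a trailing slash."""
    path = unquote(urlsplit(target).path).rstrip("/").lower()
    return method == "POST" and path == "/api/migration"

def find_migration_posts(lines):
    """Return (timestamp, source IP, status) for each matching request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_migration_post(m["method"], m["target"]):
            hits.append((m["ts"], m["ip"], int(m["status"])))
    return hits

def summarize(hits):
    """Count matching requests per source IP."""
    return Counter(ip for _, ip, _ in hits)

if __name__ == "__main__":
    found = find_migration_posts(SAMPLE_LOG.splitlines())
    for ts, ip, status in found:
        print(f"{ts}  {ip}  status={status}")
    print(dict(summarize(found)))
```

Any hit from an unexpected source address is worth correlating with service restarts and reader outages around the same timestamp.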

Added: May 29, 2026, 1:18 PM
Updated: May 29, 2026, 1:18 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 7.8
remediation: 7.7
relevance: 9.8
threat: 0.0
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.