CVE-2016-20025 in ZKAccess Professionalinfo

Zusammenfassung

von MITRE • 16.03.2026

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

15.03.2026

Veröffentlichung

16.03.2026

Moderieren

akzeptiert

Eintrag

VDB-351128

CPE

bereit

CWE

CWE-552 (bestätigt)

CVSS

8.8 (CNA)

EPSS

0.00030

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-20025
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-20025
CVE Details	https://www.cvedetails.com/cve/CVE-2016-20025/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!