CVE-2016-20025 in ZKAccess Professionalinformação

Sumário

de MITRE • 16/03/2026

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

15/03/2026

Divulgação

16/03/2026

Moderação

aceite

Entrada

VDB-351128

CPE

pronto

CWE

CWE-552 (confirmado)

CVSS

8.8 (CNA)

EPSS

0.00030

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-20025
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-20025
CVE Details	https://www.cvedetails.com/cve/CVE-2016-20025/

◂ Voltar Visão Geral Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!