CVE-2016-20025 in ZKAccess ProfessionalИнформация

Сводка

по MITRE • 16.03.2026

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

15.03.2026

Раскрытие

16.03.2026

Модерация

принято

Вход

VDB-351128

CPE

готов

CWE

CWE-552 (Подтверждённый)

CVSS

8.8 (CNA)

EPSS

0.00030

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-20025
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-20025
CVE Details	https://www.cvedetails.com/cve/CVE-2016-20025/

◂ Предыдущий Обзор Далее ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!