CVE-2016-20025 - ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions
CVE ID :CVE-2016-20025
Published : March 15, 2026, 1:35 p.m. | 4 hours, 55 minutes ago
Description :ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : March 15, 2026, 1:35 p.m. | 4 hours, 55 minutes ago
Description :ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...