CVE-2016-20025

HIGH

ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions

Title source: cna

Description

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

Exploits (1)

exploitdb WRITEUP
by LiquidWorm · text · local · windows
https://www.exploit-db.com/exploits/40323

References (6)

Core References
Third Party Advisory: Zero Science Lab Disclosure
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5361.php
Third Party Advisory: CXSecurity
https://cxsecurity.com/issue/WLB-2016080265
VDB Entry: IBM X-Force Exchange
https://exchange.xforce.ibmcloud.com/vulnerabilities/116486
Exploit: Packet Storm Security
https://packetstormsecurity.com/files/138566
Exploit: Reference
https://www.exploit-db.com/exploits/40323/
Third Party Advisory: VulnCheck Advisory: ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions
https://www.vulncheck.com/advisories/zkteco-zkaccess-professional-privilege-escalation-via-insecure-permissions

Scores

CVSS v3 8.8
EPSS 0.0003
EPSS Percentile 7.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-552
Status published
Products (1)
ZKTeco Inc./ZKTeco ZKAccess Professional 3.5.3 (Build 0005)
Published Mar 16, 2026
Tracked Since Mar 16, 2026