HighCVENVD — high/critical CVEs (rolling 7d)· 16 Mar 2026

CVE-2016-20025 — ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulner…

Severity: High · Kind: Vulnerability

Plain-English summary on the way

We've ingested this item but haven't summarised it yet. Read the upstream advisory using the link below in the meantime — the AI summary will appear here once the next run completes.

From the source

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

Vulnerability facts

CVE: CVE-2016-20025
CVSS: 8.8

Read the original advisory →← All threat intel

Was this useful?

00000Sign in to react

Plain-English summaries are AI-generated and reviewed for tone, not technical accuracy. For incident response, always rely on the original source linked above.