Critical severity9.8NVD Advisory· Published Mar 16, 2026· Updated Jun 8, 2026
CVE-2016-20024
CVE-2016-20024
Description
ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 3.0.1.6
Patches
Vulnerability mechanics
References
6- cxsecurity.com/issue/WLB-2016080264nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/116487nvd
- packetstormsecurity.com/files/138565nvd
- www.exploit-db.com/exploits/40322/nvd
- www.vulncheck.com/advisories/zkteco-zktime-net-insecure-file-permissions-privilege-escalationnvd
- www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5360.phpnvd
News mentions
0No linked articles in our index yet.