ZKAccess Professional

CVEs (1)

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2016-20025	Hig	0.57	8.8	0.00		Mar 16, 2026	ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

CVE-2016-20025HigMar 16, 2026
risk 0.57cvss 8.8epss 0.00
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.