Zkteco Zkaccess Professional

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2016-20025 HIGH POC This Week

Privilege escalation vulnerability in ZKTeco ZKAccess Professional 3.5.3 (Build 0005) where authenticated users can modify executable files due to insecure permissions, allowing them to replace binaries with malicious code and gain elevated privileges. Multiple public exploits are available (exploit-db, PacketStorm) making this a high-risk vulnerability for organizations using this access control software, despite no current KEV listing or EPSS data.

Privilege Escalation Path Traversal Information Disclosure Zkteco Zkaccess Professional
NVD Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2016-20025
EPSS 0% CVSS 8.8
HIGH POC This Week

Privilege escalation vulnerability in ZKTeco ZKAccess Professional 3.5.3 (Build 0005) where authenticated users can modify executable files due to insecure permissions, allowing them to replace binaries with malicious code and gain elevated privileges. Multiple public exploits are available (exploit-db, PacketStorm) making this a high-risk vulnerability for organizations using this access control software, despite no current KEV listing or EPSS data.

Privilege Escalation Path Traversal Information Disclosure +1
NVD Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy