CVE-2016-20024
Published: 16 March 2026
Summary
CVE-2016-20024 is a critical-severity Insertion of Sensitive Information into Externally-Accessible File or Directory (CWE-538) vulnerability in Cxsecurity (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Services File Permissions Weakness (T1574.010); ranked at the 49.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and CM-5 (Access Restrictions for Change).
Deeper analysis
CVE-2016-20024 is an insecure file permissions vulnerability (CWE-538) in ZKTeco ZKTime.Net 3.0.1.6. The ZKTimeNet3.0 directory and its contents feature world-writable permissions, enabling unprivileged users to modify executable files. This flaw allows replacement of legitimate executables with malicious binaries to achieve privilege escalation. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-03-16T14:17:48.350.
Attackers with unprivileged access can exploit the world-writable permissions on the ZKTimeNet3.0 directory to overwrite executable files with malicious versions. Successful exploitation leads to privilege escalation, potentially granting attackers higher-level access on the affected system. The CVSS vector indicates it is exploitable remotely by unauthenticated attackers with low complexity and no user interaction required.
Advisories and related resources, including exploit details, are available at https://cxsecurity.com/issue/WLB-2016080264, https://exchange.xforce.ibmcloud.com/vulnerabilities/116487, https://packetstormsecurity.com/files/138565, https://www.exploit-db.com/exploits/40322/, and https://www.vulncheck.com/advisories/zkteco-zktime-net-insecure-file-permissions-privilege-escalation.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2016-10803
Vulnerability details
ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for…
more
privilege escalation.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
World-writable executable permissions directly enable file overwrite for local privilege escalation via T1044 (File System Permissions Weakness) and T1068 (Exploitation for Privilege Escalation).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SC-34 prevents unauthorized modification of executable programs, directly mitigating the world-writable permissions that allow replacement of legitimate executables with malicious binaries.
CM-5 authorizes and restricts access to changes on system components such as the ZKTimeNet3.0 directory and its executable files, preventing unprivileged users from overwriting them.
AC-3 enforces approved access authorizations for system resources including files, ensuring unprivileged users cannot write to the vulnerable directory and executables.