Cyber Posture

CVE-2016-20024

Critical · Public PoC

Published: 16 March 2026
Modified: 15 April 2026
KEV Added: not listed
Patch: none recorded
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (8.2nd percentile)
Risk Priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2016-20024 is a critical-severity vulnerability in ZKTeco ZKTime.Net 3.0.1.6. NVD maps it to CWE-538 (Insertion of Sensitive Information into Externally-Accessible File or Directory), but the behaviour the NVD description actually records is world-writable permissions on the product's install directory and the executables in it, which lets an unprivileged local user replace them. Its CVSS 3.1 base score is 9.8 (Critical). NVD filed no CPE for this CVE; the affected product is taken from the description.

Operationally, EPSS ranks it at the 8.2nd percentile by exploit likelihood (well below the median); it is not listed in the CISA KEV catalog; a public proof-of-concept is referenced (Exploit-DB 40322 and Packet Storm 138565, see below).

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and CM-5 (Access Restrictions for Change). In practice both reduce to the same fix: a file-system ACL on the ZKTimeNet3.0 directory that grants write and modify rights only to administrators and the installer, never to Everyone, Users or Authenticated Users.

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SC-34, Non-modifiable Executable Programs (prevent): prevents unauthorized modification of executable programs, which directly counters the condition here, world-writable install files that let any user replace a legitimate executable with a malicious binary.

CM-5, Access Restrictions for Change (prevent): authorizes and restricts who may change system components such as the ZKTimeNet3.0 directory and its executable files, so that unprivileged users cannot overwrite them.

AC-3, Access Enforcement (prevent): enforces approved access authorizations on system resources including files and directories. For this product that means the operating-system ACL on the install tree must not grant write, modify or full-control rights to Everyone, Users, Authenticated Users or any other principal that every local account belongs to.
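For ZKTime.Net, AC-3 and CM-5 come down to one concrete check: does any access control entry on the install tree grant write rights to a principal that every local user is a member of? The PowerShell script below is an added example written for this page, not code from ZKTeco, NVD or the referenced advisories. The default path C:\Program Files (x86)\ZKTimeNet3.0 is an assumption (pass -InstallDir for the real location), and -Fix rewrites the ACL with icacls, so it must run elevated.

```powershell
# Added example (not from the advisory or ZKTeco): find ACEs on a ZKTime.Net
# install tree that let every local user write to it, which is the condition
# CVE-2016-20024 describes, and optionally replace them with a least-privilege ACL.
# Usage:  .\Audit-ZKTimeAcl.ps1            (report only)
#         .\Audit-ZKTimeAcl.ps1 -Fix       (elevated; rewrites the ACL)
param(
    [string]$InstallDir = 'C:\Program Files (x86)\ZKTimeNet3.0',  # assumed location
    [switch]$Fix
)

# Principals every interactive local user is a member of. A write grant to any
# of them on program files means an unprivileged user can swap the binaries.
$LowPrivPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Any of these rights is enough to replace, truncate or re-permission a file.
$Rights = [System.Security.AccessControl.FileSystemRights]
$WriteMask = [int]($Rights::WriteData -bor $Rights::AppendData -bor $Rights::Delete -bor
                   $Rights::WriteAttributes -bor $Rights::WriteExtendedAttributes -bor
                   $Rights::ChangePermissions -bor $Rights::TakeOwnership -bor
                   $Rights::Write -bor $Rights::Modify -bor $Rights::FullControl)
# Inherit-only ACEs are often stored with generic rights; include GENERIC_WRITE and GENERIC_ALL.
$WriteMask = $WriteMask -bor 0x40000000 -bor 0x10000000

$items = @(Get-Item -LiteralPath $InstallDir -Force) +
         @(Get-ChildItem -LiteralPath $InstallDir -Recurse -Force -ErrorAction SilentlyContinue)

$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $WriteMask) -eq 0) { continue }
        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited   # inherited grants come from the parent folder's ACL
        }
    }
}

if (-not $findings) {
    Write-Output "No write grants to low-privileged principals under $InstallDir."
    exit 0
}
$findings | Format-Table -AutoSize

if ($Fix) {
    # Break inheritance from the parent (an install outside Program Files inherits
    # 'Authenticated Users: Modify' from the drive root), grant change rights to
    # SYSTEM and Administrators only (CM-5), read/execute to Users (AC-3), then
    # reset the children so they inherit the hardened ACL instead of keeping
    # stale explicit grants.
    icacls.exe $InstallDir /inheritance:r /grant:r 'NT AUTHORITY\SYSTEM:(OI)(CI)F' 'BUILTIN\Administrators:(OI)(CI)F' 'BUILTIN\Users:(OI)(CI)RX' | Out-Null
    icacls.exe "$InstallDir\*" /reset /T /C | Out-Null
    if ($LASTEXITCODE -ne 0) { Write-Error "icacls exited with code $LASTEXITCODE"; exit 1 }
    Write-Output "ACL on $InstallDir replaced; re-run without -Fix to confirm."
}
```

Run it once without -Fix and read the Inherited column: an inherited grant means the parent folder's ACL is the problem, which is typical when a product is installed directly under the drive root rather than under Program Files. Before applying -Fix, confirm whether the application writes data files (attendance database, logs) into the same tree while running as an ordinary user; if so, grant write access to those data files or subfolders individually rather than leaving the executables writable.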

NVD Description

ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.

Deeper analysis

CVE-2016-20024 is an insecure file permissions vulnerability in ZKTeco ZKTime.Net 3.0.1.6 (NVD maps it to CWE-538). The ZKTimeNet3.0 directory and its contents are world-writable, so any local user can overwrite the product's executables. An attacker with unprivileged access replaces a legitimate binary with a malicious one; the payload then runs with the privileges of whichever account next launches that file, and escalation occurs when that account is an administrator, a service account or a scheduled task. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-03-16T14:17:48.350.

Note the tension between the score and the mechanism. The vector is scored as network-reachable with no privileges and no user interaction, but the flaw as described requires the attacker to already hold a local foothold that can write to the install directory, and the escalation only completes when a more privileged principal executes the replaced file. Treat the 9.8 as an upper bound and prioritise hosts where low-privileged users can log on interactively or over RDP alongside the product.
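Because the escalation only completes when a more privileged principal runs a replaced executable, a defender who cannot fix the ACL immediately wants to know the moment a binary under the install directory changes. The script below is an added example for this page, not part of the advisory or the product: it records SHA-256 hashes and owners of the executable content under the install tree and, on a later run, reports modified, missing or new files. The install path and the baseline file location are assumptions.

```powershell
# Added example (not from the advisory or ZKTeco): baseline and verify the
# executable content of a ZKTime.Net install so that a swapped binary is noticed.
# Usage:  .\Check-ZKTimeIntegrity.ps1 -Mode Record   (once, on a known-good install)
#         .\Check-ZKTimeIntegrity.ps1 -Mode Verify   (scheduled; exits 1 on any change)
param(
    [string]$InstallDir = 'C:\Program Files (x86)\ZKTimeNet3.0',                # assumed location
    [string]$Baseline   = (Join-Path $env:ProgramData 'zktime-baseline.json'),  # assumed location
    [ValidateSet('Record', 'Verify')]
    [string]$Mode = 'Verify'
)

# Only executable content matters for this CVE: a replaced .exe or .dll runs
# with the privileges of whoever launches it.
$ExecutableExtensions = @('.exe', '.dll', '.ocx', '.sys', '.bat', '.cmd', '.ps1', '.vbs')

function Get-ExecutableInventory {
    param([string]$Root)
    $inventory = @{}
    Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $ExecutableExtensions -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            # Record the owner as well as the hash: a changed hash with an
            # administrator owner may be a vendor update; a changed hash whose
            # owner is an ordinary user is the attack the advisory describes.
            $inventory[$_.FullName] = @{
                Sha256 = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                Owner  = (Get-Acl -LiteralPath $_.FullName).Owner
                Length = $_.Length
            }
        }
    return $inventory
}

if ($Mode -eq 'Record') {
    $inventory = Get-ExecutableInventory -Root $InstallDir
    ConvertTo-Json -InputObject $inventory -Depth 3 | Set-Content -LiteralPath $Baseline -Encoding UTF8
    Write-Output "Recorded $($inventory.Count) executable files to $Baseline"
    exit 0
}

if (-not (Test-Path -LiteralPath $Baseline)) {
    Write-Error "No baseline at $Baseline; run with -Mode Record first."
    exit 2
}

$old = Get-Content -LiteralPath $Baseline -Raw | ConvertFrom-Json
$new = Get-ExecutableInventory -Root $InstallDir
$alerts = New-Object System.Collections.Generic.List[string]

# Files in the baseline: removed or altered since it was taken?
foreach ($entry in $old.PSObject.Properties) {
    $path = $entry.Name
    if (-not $new.ContainsKey($path)) {
        $alerts.Add("MISSING  $path")
    } elseif ($new[$path].Sha256 -ne $entry.Value.Sha256) {
        $alerts.Add("MODIFIED $path (owner now $($new[$path].Owner))")
    }
}
# Files not in the baseline: a dropped payload next to the real binaries.
foreach ($path in $new.Keys) {
    if (-not $old.PSObject.Properties[$path]) {
        $alerts.Add("NEW      $path (owner $($new[$path].Owner))")
    }
}

if ($alerts.Count -eq 0) {
    Write-Output "Baseline intact: $($new.Count) executable files unchanged."
    exit 0
}
$alerts | ForEach-Object { Write-Warning $_ }
exit 1
```

Store the baseline somewhere the low-privileged users cannot write (the default above is under ProgramData, which is administrator-writable only for new files but should still be checked), otherwise an attacker who swaps a binary can also re-record the baseline. A non-zero exit code is enough for a scheduled task or monitoring agent to raise an alert; a hash change whose new owner is a non-administrator account is the strongest signal that the world-writable permissions were abused rather than a vendor update applied.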

Advisories and related resources, including exploit details, are available at https://cxsecurity.com/issue/WLB-2016080264, https://exchange.xforce.ibmcloud.com/vulnerabilities/116487, https://packetstormsecurity.com/files/138565, https://www.exploit-db.com/exploits/40322/, and https://www.vulncheck.com/advisories/zkteco-zktime-net-insecure-file-permissions-privilege-escalation.

Details

CWE(s)

CWE-538, Insertion of Sensitive Information into Externally-Accessible File or Directory (as mapped by NVD; the described behaviour is insecure permissions on installed files)

Affected Products

ZKTeco ZKTime.Net 3.0.1.6
Taken from the NVD description; NVD did not file a CPE for this CVE.

CVEs Like This One

CVE-2019-25706 (shared CWE-538)
CVE-2023-54346 (shared CWE-538)
CVE-2025-12059 (shared CWE-538)
CVE-2026-21672 (shared CWE-538)
CVE-2020-37104 (shared CWE-538)
CVE-2025-11079 (shared CWE-538)
