Description
ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.
Published: 2026-03-15
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation via Insecure File Permissions
Action: Immediate Patch
AI Analysis

Impact

This vulnerability stems from insecure file permissions that allow an unprivileged user to modify executable files within the ZKTimeNet3.0 directory. By replacing the original binaries with malicious ones, an attacker can obtain elevated privileges. The weakness aligns with CWE‑538, a high‑severity flaw that directly enables privilege escalation.

Affected Systems

The affected product is ZKTeco ZKTime.Net from ZKTeco Inc., version 3.0.1.6. The issue resides in the ZKTimeNet3.0 directory, which is world‑writable and contains executable files that can be altered by non‑privileged users.

Risk and Exploitability

The CVSS score of 9.3 denotes severe risk while the EPSS score of less than 1% indicates a low probability of exploitation. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog. An attacker would need local access to the system and can exploit the world‑writable permission on the service directory to replace binaries, thereby gaining system‑wide administrative rights.

Generated by OpenCVE AI on March 21, 2026 at 15:07 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑issued patch or upgrade ZKTime.Net to a version newer than 3.0.1.6
  • Remove world‑writable permissions from the ZKTimeNet3.0 directory and all contained files
  • Set the directory and executable files to root ownership with 755 permissions
  • Verify that only privileged users can write to the service folder



Advisories

No advisories yet.

History

Mon, 16 Mar 2026 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Mar 2026 10:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Zkteco; Zkteco zktime.net
Vendors & Products | | Zkteco; Zkteco zktime.net

Sun, 15 Mar 2026 14:00:00 +0000

Type | Values Removed | Values Added
Description | | ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.
Title | | ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation
Weaknesses | | CWE-538
References | |
Metrics | | cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
Metrics | | cvssV4_0 {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-16T14:20:21.142Z

Reserved: 2026-03-15T12:36:03.511Z

Link: CVE-2016-20024

Vulnrichment

Updated: 2026-03-16T14:18:00.739Z

NVD

Status: Deferred

Published: 2026-03-16T14:17:48.350

Modified: 2026-04-15T14:56:45.970

Link: CVE-2016-20024

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-23T14:01:52Z

Weaknesses