Search
Search Results (22 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59094 | 1 Dormakaba | 1 Kaba Exos 9300 | 2026-04-15 | N/A |
| A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe). Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM privileges. | ||||
| CVE-2025-59106 | 2 Dormakaba, Dormakabagroup | 13 Access Manager, Dormakaba Access Manager 9200-k5, Dormakaba Access Manager 9200-k5 Firmware and 10 more | 2026-02-12 | 8.8 High |
| The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges. This is against the least privilege principle. If an attacker is able to execute code on the system via other vulnerabilities it is possible to directly execute commands with highest privileges. | ||||