11 matches found
CVE-2025-59094
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
CVE-2025-59095
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59094
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
CVE-2025-59096 Weak Default Password in dormakaba Kaba exos 9300
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
EUVD-2025-206357
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59095
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59095 Hard-coded Key for PIN Encryption in dormakaba Kaba exos 9300
The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...
CVE-2025-59094
CVE-2025-59094 concerns the Kaba exos 9300 System management application (d9sysdef.exe). The issue is a local privilege escalation that allows an attacker to specify an arbitrary executable and the weekday/start time for it to run with SYSTEM privileges. The cited sources describe the vulnerabili...
EUVD-2025-206356
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
CVE-2025-59094
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
PT-2026-4744
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...