EUVD-2026-32277

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

CVE-2026-35089

Slican telephone exchanges expose admin credentials because the secure key is generated predictably from exchange properties without authentication. CVE-2026-35089 (and CVE-2026-35087) describe an unauthenticated path to deduce the secure key and gain admin access. Remediations (per affected entr...

EUVD-2024-55350

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVE-2024-58311

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVE-2024-58311

Dormakaba Saflok System 6000 is affected by CVE-2024-58311 due to a predictable key generation algorithm that lets an attacker derive card access keys from a 32-bit card identifier. The underlying issue is a deterministic key derivation process, enabling key computation without requiring addition...

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

PT-2025-50973

Name of the Vulnerable Software and Affected Versions Dormakaba Saflok System 6000 affected versions not specified Description The Dormakaba Saflok System 6000 uses a key generation algorithm that is predictable. This allows attackers to calculate card access keys from a 32-bit unique identifier...

Dormakaba Saflok System 安全漏洞

Dormakaba Saflok System is a hotel access control and security management system from Dormakaba USA. A security vulnerability exists in Dormakaba Saflok System 6000 that stems from a predictable key generation algorithm that could lead to the derivation of card access keys...

CVE-2023-4489

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...

CVE-2019-0729

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'...