CVE-2024-29916

The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock arbitrary doors at a property via forged keycards, if the attacker has obtained one active or expired keycard for the specific property, aka the "Unsaflok" issue. This occurs, in part, because the ke...

PT-2024-23138 · Dormakaba · Dormakaba Saflok System +5

Name of the Vulnerable Software and Affected Versions: dormakaba Saflok system versions prior to November 2023 software update Saflok MT versions prior to November 2023 software update Confidant series versions prior to November 2023 software update Quantum series versions prior to November 2023...

Dormakaba Saflok 安全漏洞

Dormakaba Saflok is an electronic locking system from Dormakaba. A security vulnerability in the Dormakaba Saflok system prior to version 2023.11, which stems from a UID-only dependency of the key derivation function, allows an attacker to use a pair of forged keycards to unlock all rooms in a...

CVE-2024-29916

The CVE describes a vulnerability in dormakaba Saflok systems (pre‑November‑2023 software update) where an attacker who has a valid active or expired keycard for a property can unlock arbitrary doors via forged keycards. The root cause is a UID‑only based key derivation function, affecting Saflok...