Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2025/12/13 8:2 p.m.5 views

CVE-2024-58311

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

9.8CVSS6.8AI score0.00374EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 9:31 p.m.5 views

EUVD-2024-55350

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

9.8CVSS6.3AI score0.00374EPSS
Exploits0References4
NVD
NVD
added 2025/12/12 8:15 p.m.5 views

CVE-2024-58311

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

9.8CVSS0.00374EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/12 7:57 p.m.4 views

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

9.8CVSS6.5AI score0.00374EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/12 7:57 p.m.20 views

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

9.8CVSS0.00374EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.8 views

PT-2025-50973

Name of the Vulnerable Software and Affected Versions Dormakaba Saflok System 6000 affected versions not specified Description The Dormakaba Saflok System 6000 uses a key generation algorithm that is predictable. This allows attackers to calculate card access keys from a 32-bit unique identifier...

9.8CVSS6.4AI score0.00374EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.6 views

Dormakaba Saflok System 安全漏洞

Dormakaba Saflok System is a hotel access control and security management system from Dormakaba USA. A security vulnerability exists in Dormakaba Saflok System 6000 that stems from a predictable key generation algorithm that could lead to the derivation of card access keys...

9.8CVSS6.6AI score0.00374EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:0 a.m.5 views

CVE-2024-29916

The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock arbitrary doors at a property via forged keycards, if the attacker has obtained one active or expired keycard for the specific property, aka the "Unsaflok" issue. This occurs, in part, because the ke...

5.6CVSS7AI score0.00315EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/03/29 2:54 p.m.43 views

Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds

Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu,...

7.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/03/27 11:1 a.m.17 views

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

Its pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of...

7.7AI score
Exploits0
NVD
NVD
added 2024/03/21 5:15 p.m.18 views

CVE-2024-29916

The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock arbitrary doors at a property via forged keycards, if the attacker has obtained one active or expired keycard for the specific property, aka the "Unsaflok" issue. This occurs, in part, because the ke...

5.6CVSS6.6AI score0.00315EPSS
Exploits0References4
Wired Threat Level
Wired Threat Level
added 2024/03/21 2:0 p.m.16 views

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds

The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/03/21 12:0 a.m.11 views

CVE-2024-29916

The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock arbitrary doors at a property via forged keycards, if the attacker has obtained one active or expired keycard for the specific property, aka the "Unsaflok" issue. This occurs, in part, because the ke...

7AI score0.00315EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/21 12:0 a.m.31 views

CVE-2024-29916

The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock arbitrary doors at a property via forged keycards, if the attacker has obtained one active or expired keycard for the specific property, aka the "Unsaflok" issue. This occurs, in part, because the ke...

6.9AI score0.00315EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.6 views

PT-2024-23138 · Dormakaba · Dormakaba Saflok System +5

Name of the Vulnerable Software and Affected Versions: dormakaba Saflok system versions prior to November 2023 software update Saflok MT versions prior to November 2023 software update Confidant series versions prior to November 2023 software update Quantum series versions prior to November 2023...

5.6CVSS7.3AI score0.00315EPSS
Exploits0References10
CVE
CVE
added 2024/03/21 12:0 a.m.62 views

CVE-2024-29916

The CVE describes a vulnerability in dormakaba Saflok systems (pre‑November‑2023 software update) where an attacker who has a valid active or expired keycard for a property can unlock arbitrary doors via forged keycards. The root cause is a UID‑only based key derivation function, affecting Saflok...

5.6CVSS6.9AI score0.00315EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.2 views

Dormakaba Saflok 安全漏洞

Dormakaba Saflok is an electronic locking system from Dormakaba. A security vulnerability in the Dormakaba Saflok system prior to version 2023.11, which stems from a UID-only dependency of the key derivation function, allows an attacker to use a pair of forged keycards to unlock all rooms in a...

5.6CVSS6.7AI score0.00315EPSS
Exploits0References4
0day.today
0day.today
added 2024/03/05 12:0 a.m.313 views

Saflok System 6000 Key Derivation Exploit

// Exploit Title: Saflok KDF // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGTH 4 int mainint argc, char argv if argc != 2 printf"Usage: %s \n", argv0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/28 12:0 a.m.318 views

Saflok System 6000 Key Derivation

// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/02/28 12:0 a.m.353 views

Saflok - Key Derication Function Exploit

// Exploit Title: Saflok KDF // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGTH 4 int mainint argc...

7.4AI score
Exploits0
Rows per page
Query Builder