Description

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically visualize open doors and alerts. However, controlling the Access Managers via this interface is also possible. To send and receive status information, authentication is necessary. The Kaba exos 9300 application contains hard-coded credentials for four different users, which are allowed to login to the datapoint server and receive as well as send information, including commands to open arbitrary doors.

INFO

Published Date :

2026-01-26T10:03:34.142Z

Last Modified :

2026-01-26T17:26:08.713Z

Source :

SEC-VLab
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59091 vulnerability.

Vendors Products
Dormakaba
  • Kaba Exos 9300
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59091.

URL Resource
https://r.sec-consult.com/dkexos cve-icon cve-icon
https://r.sec-consult.com/dormakaba cve-icon cve-icon
https://www.dormakabagroup.com/en/security-advisories cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability