Platform: other
Component: kaba-exos-9300-system-management
A critical Privilege Escalation vulnerability has been discovered in the Kaba exos 9300 System management application (d9sysdef.exe). This flaw allows a local attacker to execute arbitrary code with SYSTEM privileges by exploiting the application's ability to schedule executable files. All versions of the Kaba exos 9300 System management are affected, and a patch is not currently available, necessitating manual mitigation strategies.
The impact of this vulnerability is severe. A successful exploitation allows an attacker to gain complete control over the system running the Kaba exos 9300 System management application. This includes the ability to install malware, steal sensitive data, modify system configurations, and potentially pivot to other systems on the network. The SYSTEM privileges granted by this escalation effectively bypass standard security controls, making it a high-risk vulnerability. The ability to schedule arbitrary executables with elevated privileges mirrors the impact of other privilege escalation vulnerabilities, potentially allowing for full system compromise.
This vulnerability is currently not listed on the CISA KEV catalog. The probability of exploitation is considered medium due to the local nature of the vulnerability and the lack of publicly available exploits. However, the high impact of successful exploitation warrants immediate attention. Public proof-of-concept code is not currently available, but the vulnerability's nature suggests it could be relatively easily exploited by skilled attackers.
Organizations utilizing the Kaba exos 9300 System management application in physical access control systems are at significant risk. This includes facilities management companies, building security providers, and any organization relying on this system for access control. Legacy installations and systems with weak access controls are particularly vulnerable.
disclosure
Exploit status
EPSS: 0.02% (3rd percentile)
CISA SSVC
Due to the absence of a direct patch, mitigation focuses on restricting access and preventing exploitation. Immediately restrict access to the d9sysdef.exe application to only authorized personnel. Implement strict file system permissions to prevent unauthorized modification of the application's configuration files. Consider disabling the scheduling functionality within the application if it is not essential. Regularly monitor system logs for suspicious activity, particularly any attempts to modify scheduled tasks or execute unexpected processes. After implementing these controls, verify their effectiveness by attempting to trigger the vulnerability in a controlled environment.
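The following PowerShell script is an added example supporting the mitigations above; it is not from the advisory or from dormakaba. It assumes an install path ($AppDir) and an operator group ($AuthorizedGroup) that are placeholders and must be adjusted. It (1) reports which principals hold write rights on the executable and its directory, (2) optionally tightens the executable's ACL so only SYSTEM, Administrators and the authorized group can use it, and (3) reviews Security-log process-creation and scheduled-task events for the patterns the text says to watch for. The event checks require process-creation auditing (Event ID 4688) and object-access auditing to be enabled; event 4698/4702 only apply if the application uses the Windows Task Scheduler, which the advisory does not state.

```powershell
# Added example, not vendor code. Placeholder values below are assumptions:
$AppDir          = 'C:\Program Files\Kaba\exos9300'   # assumed install path - adjust
$AuthorizedGroup = 'ExosOperators'                    # assumed local/domain group - adjust
$Apply           = $false                             # $true to actually rewrite the ACL
$Exe             = Join-Path $AppDir 'd9sysdef.exe'

# --- 1. Who can write to the executable or its directory? ----------------------
# Any Allow ACE carrying Write/Modify/FullControl for non-admin principals is a finding.
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl
foreach ($path in @($AppDir, $Exe)) {
    if (-not (Test-Path $path)) { Write-Warning "Not found: $path"; continue }
    (Get-Acl $path).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and ($_.FileSystemRights -band $writeMask) } |
        Select-Object @{n='Path';e={$path}}, IdentityReference, FileSystemRights, IsInherited |
        Format-Table -AutoSize
}

# --- 2. Restrict the executable to authorized principals ----------------------
# Drops inherited ACEs and replaces explicit grants so only SYSTEM, Administrators
# and the authorized group can read/execute it. Review the report above first.
if ($Apply -and (Test-Path $Exe)) {
    icacls "$Exe" /inheritance:r /grant:r "SYSTEM:(F)" "Administrators:(F)" "${AuthorizedGroup}:(RX)"
}

# --- 3. Look for suspicious activity in the Security log -----------------------
$since = (Get-Date).AddDays(-1)

# Scheduled-task creation/update (only meaningful if the app uses the Windows Task Scheduler).
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4698,4702; StartTime=$since} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message | Format-List

# Process creation: flag children of d9sysdef.exe, and SYSTEM-launched processes whose
# image lives in a user-writable location (heuristic; tune to your environment).
$userWritable = @('*\Users\*', '*\Temp\*', '*\ProgramData\*')
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4688; StartTime=$since} -ErrorAction SilentlyContinue |
    ForEach-Object {
        $x = [xml]$_.ToXml()
        $d = @{}
        foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
        $fromApp      = $d['ParentProcessName'] -like '*\d9sysdef.exe'
        $systemFromUW = ($d['SubjectUserSid'] -eq 'S-1-5-18') -and
                        ($userWritable | Where-Object { $d['NewProcessName'] -like $_ })
        if ($fromApp -or $systemFromUW) {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Parent  = $d['ParentProcessName']
                Process = $d['NewProcessName']
                Subject = $d['SubjectUserName']
                Reason  = if ($fromApp) { 'child of d9sysdef.exe' } else { 'SYSTEM process from user-writable path' }
            }
        }
    } | Format-Table -AutoSize
```

Run it from an elevated PowerShell session; with $Apply left at $false it only reports. Because the page does not say which configuration files the application reads, the ACL review covers the executable and its directory only; extend the $path list to the configuration location once it is known from the vendor documentation.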
Apply the manual mitigations provided by the vendor dormakaba. See the security advisories on their website for detailed instructions on how to prevent the privilege escalation.
CVE-2025-59094 is a vulnerability in the Kaba exos 9300 System management application allowing local attackers to gain SYSTEM privileges and execute arbitrary code.
Yes, all versions of the Kaba exos 9300 System management application are currently affected by this vulnerability. A patch is not yet available.
Since a patch is unavailable, mitigation involves restricting access to the application, implementing strict file system permissions, and monitoring system logs for suspicious activity.
While no active exploitation has been confirmed, the vulnerability's nature suggests it could be exploited by skilled attackers.
Please refer to the Kaba website or contact Kaba support for the latest advisory and security recommendations regarding CVE-2025-59094.