CVE-2025-59094: Privilege Escalation in Kaba exos 9300 System

Platform

other

Component

kaba-exos-9300-system-management

AI Confidence: high | NVD | EPSS 0.0% | Reviewed: May 2026

A critical privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe). The application can schedule executable files for later execution, and the scheduled executables are launched with SYSTEM privileges. A local attacker who can schedule a file of their own choosing therefore obtains arbitrary code execution as SYSTEM. All versions of the Kaba exos 9300 System management application are affected, and no patch is available, so mitigation must be applied manually.

Impact and Attack Scenarios

The impact of this vulnerability is severe. A successful exploit gives the attacker full control of the host running the Kaba exos 9300 System management application: installing malware, reading sensitive data, changing system configuration, and using the host as a pivot into other systems on the network. Because the scheduled executable runs as SYSTEM, host-level controls that rely on the separation between standard users and administrators no longer constrain the attacker. Note that the attacker must already have local access to the host; the vulnerability turns that foothold into complete compromise.

Exploitation Context

This vulnerability is not listed in the CISA KEV catalog, and no public proof-of-concept code is known. Because the attack requires local access to the host and no exploit has been published, the probability of exploitation is assessed as medium; the impact of a successful attack, however, is total, so it still warrants prompt attention. Once local access is obtained, the technique itself (pointing a SYSTEM-level scheduler at an attacker-chosen executable) is likely to be straightforward for a capable attacker.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No

EPSS

0.02% (3rd percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: total

Affected Software

Component: kaba-exos-9300-system-management
Vendor: dormakaba
Affected range: All versions (manual mitigation needed)
Fixed in: no fixed version available (manual mitigation needed)

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated
Unpatched — 118 days since disclosure

Mitigation and Workarounds

Because no patch exists, mitigation focuses on limiting who can reach the scheduling function and on detecting misuse. Restrict d9sysdef.exe so that only authorized operators, administrators and SYSTEM can execute it; standard users should not be able to launch it. Apply strict file system permissions to the application's installation directory and to any configuration files the scheduler reads, so that standard users cannot create or modify the entries that determine what gets executed. If the scheduling functionality is not needed, disable it. Monitor the host for scheduled-task changes and for unexpected processes, in particular anything started with SYSTEM privileges from a location a standard user can write to. Keep in mind that these controls reduce exposure but do not remove the underlying flaw: a SYSTEM-level scheduler that accepts user-supplied executables remains in place, so every account that still has access to the application must be treated as effectively administrative. After implementing the controls, verify them with a non-privileged test account on a non-production host by attempting to schedule and trigger an executable the way an attacker would.
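The following PowerShell script is an added example written for this page; it is not dormakaba's code and the vendor advisory does not supply it. It implements the four steps above (restrict the executable, lock down the install tree, hunt for suspicious SYSTEM launches, verify). Everything environment-specific is an assumption: the install path `C:\Program Files\dormakaba\exos 9300`, the operator group name `EXOS-Operators`, the presence of Sysmon process-creation logging (Event ID 1), and the assumption that the scheduled executable is spawned as a child of d9sysdef.exe rather than by a separate service process. Adjust those before running.

```powershell
# Added example for CVE-2025-59094 hardening; not dormakaba code. Run elevated.
# Assumptions (adjust to your install):
#   $ExosDir   - install directory of exos 9300 System management (path is a guess)
#   $Operators - the group that legitimately runs d9sysdef.exe (name is a guess)
#   Sysmon is installed and logs process creation (Event ID 1)
#   The scheduled executable is a child process of d9sysdef.exe; if a separate
#   service process launches it, substitute that image name in step 3.
param(
    [string]$ExosDir   = 'C:\Program Files\dormakaba\exos 9300',
    [string]$Operators = 'EXOS-Operators'
)
$Exe = Join-Path $ExosDir 'd9sysdef.exe'

# Returns the ACEs on $Path that grant any write-class right to broad principals.
# An empty result means standard users cannot tamper with the file or directory.
function Get-BroadWriteAccess {
    param([Parameter(Mandatory)][string]$Path)
    $broad     = @('BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'Everyone')
    $writeMask = [System.Security.AccessControl.FileSystemRights]'Write, Modify, FullControl'
    (Get-Acl -Path $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broad -contains $_.IdentityReference.Value -and
        (($_.FileSystemRights -band $writeMask) -ne 0)
    }
}

# Step 1: only $Operators, Administrators and SYSTEM may read/execute d9sysdef.exe.
# /inheritance:d keeps the current entries but stops new ones flowing in from the parent.
function Set-SchedulerExecutableAcl {
    icacls $Exe /inheritance:d | Out-Null
    icacls $Exe /remove:g 'BUILTIN\Users' 'NT AUTHORITY\Authenticated Users' 'Everyone' | Out-Null
    icacls $Exe /grant:r "${Operators}:(RX)" 'BUILTIN\Administrators:(F)' 'NT AUTHORITY\SYSTEM:(F)' | Out-Null
}

# Step 2: standard users get read-only access to the install tree, so they cannot
# plant a binary or edit the configuration the scheduler reads. (OI)(CI) propagate to children.
function Set-InstallDirAcl {
    icacls $ExosDir /inheritance:d | Out-Null
    icacls $ExosDir /remove:g 'BUILTIN\Users' 'NT AUTHORITY\Authenticated Users' 'Everyone' | Out-Null
    icacls $ExosDir /grant:r 'BUILTIN\Users:(OI)(CI)(RX)' 'BUILTIN\Administrators:(OI)(CI)(F)' 'NT AUTHORITY\SYSTEM:(OI)(CI)(F)' | Out-Null
}

# Step 3: hunt for processes that d9sysdef.exe started as SYSTEM from outside the
# install tree, i.e. a scheduled executable planted somewhere a user can write.
function Get-SuspiciousScheduledLaunches {
    param([int]$Hours = 24)
    $filter = @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1
                 StartTime = (Get-Date).AddHours(-$Hours) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        $data = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        if ($data['ParentImage'] -like '*\d9sysdef.exe' -and
            $data['User'] -eq 'NT AUTHORITY\SYSTEM' -and
            $data['Image'] -notlike "$ExosDir\*") {
            [pscustomobject]@{
                Time        = $_.TimeCreated
                Image       = $data['Image']
                CommandLine = $data['CommandLine']
                LaunchedBy  = $data['ParentCommandLine']
            }
        }
    }
}

# Step 4: verification, run elevated after steps 1 and 2. Both counts should be 0.
function Test-Mitigation {
    [pscustomobject]@{
        ExeBroadWriteAces = @(Get-BroadWriteAccess -Path $Exe).Count
        DirBroadWriteAces = @(Get-BroadWriteAccess -Path $ExosDir).Count
        ExeAclSummary     = (icacls $Exe) -join "`n"
    }
}

# Usage (elevated):
#   Set-SchedulerExecutableAcl; Set-InstallDirAcl; Test-Mitigation
# Then, signed in as a standard test user, confirm the denial the ACL should produce:
#   Get-Content -Path $Exe -TotalCount 1      # expected: access denied
# And hunt on a schedule:
#   Get-SuspiciousScheduledLaunches -Hours 24
```

Two caveats before deploying this on a production controller. First, if the application writes its configuration at runtime under an operator account rather than as SYSTEM, the read-only install tree from step 2 will break it; test on a staging host and grant that account modify rights on the specific files it needs. Second, the ACLs only narrow who can reach the scheduler. Any account that keeps execute rights on d9sysdef.exe can still obtain SYSTEM through the unpatched flaw, so membership in the operator group should be reviewed as carefully as local Administrators membership, and the step 3 hunt should run continuously rather than once.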

How to fix

No fixed version is available. Apply the manual mitigations published by the vendor dormakaba, and check dormakaba's security advisories for the vendor's detailed instructions and for a fixed release once one is issued.


Frequently asked questions

What is CVE-2025-59094 — Privilege Escalation in Kaba exos 9300 System?

CVE-2025-59094 is a vulnerability in the Kaba exos 9300 System management application allowing local attackers to gain SYSTEM privileges and execute arbitrary code.

Am I affected by CVE-2025-59094 in Kaba exos 9300 System?

If you run the Kaba exos 9300 System management application, yes: all versions are currently affected, and no patch is available.

How do I fix CVE-2025-59094 in Kaba exos 9300 System?

Since a patch is unavailable, mitigation involves restricting who can execute the application, applying strict file system permissions to its installation directory and configuration files, disabling the scheduling functionality if it is not needed, and monitoring the host for unexpected SYSTEM-level processes.

Is CVE-2025-59094 being actively exploited?

No active exploitation has been confirmed: the vulnerability is not in the CISA KEV catalog and no public proof of concept is known. Because the flaw lets a local user schedule an executable that runs as SYSTEM, it would be straightforward to exploit once an attacker has local access.

Where can I find the official Kaba advisory for CVE-2025-59094?

Refer to the dormakaba website (the vendor of the Kaba exos 9300 System) or contact dormakaba support for the latest advisory and security recommendations regarding CVE-2025-59094.
