CNNVD-202601-4393 Information
CNNVD ID
CNNVD-202601-4393
Related CVE
- CNNVD Published: 2026-01-26
Description (Chinese)
Dormakaba Access Manager是美国Dormakaba公司的一个智能硬件控制器。 Dormakaba Access Manager存在安全漏洞,该漏洞源于导出的数据库有时未被删除且路径可无需身份验证访问,可能导致获取包含密码、卡PIN、加密Mifare站点密钥等敏感数据的数据库。
Description (English)
Dormakaba Access Manager is a smart hardware controller for Dormakaba in the United States. There is a security loophole in Dormakaba Access Manager, which stems from the fact that the exported database is sometimes not deleted and the path can be accessed without authentication, which may lead to access to databases containing sensitive data such as passwords, card PIN, encryption of the Mifare site key.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Dormakaba
Published
2026-01-26
Last Modified
2026-02-24
References
https://r.sec-consult.com/dormakaba https://r.sec-consult.com/dkaccess https://www.dormakabagroup.com/en/security-advisories https://access.redhat.com/security/cve/cve-2025-59100
Patch
https://www.dormakabagroup.com/en/security-advisories
Share on: