Vulnerability in Dormakaba Access Manager 92xx-k5

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware…

EPSS: 0.001 (22.6th percentile) — read the EPSS interpretation.

Affected products

Dormakaba Access Manager 92xx-k5 — versions 92xx-K5: <BAME 05.01.88

Weakness classification (CWE)

CWE-1391

References

r.sec-consult.com/dormakaba (technical-description)
r.sec-consult.com/dkaccess (third-party-advisory)
www.dormakabagroup.com/en/security-advisories (vendor-advisory)