Vulnerability in Dormakaba Access Manager 92xx-k7

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootloader, where the kernel command line can b…

EPSS: 0.000 (7.4th percentile) — read the EPSS interpretation.

Affected products

Dormakaba Access Manager 92xx-k7 — versions 92xx-k7: <BAME 06.00

Weakness classification (CWE)

CWE-1234

References

r.sec-consult.com/dormakaba (technical-description)
r.sec-consult.com/dkaccess (third-party-advisory)
www.dormakabagroup.com/en/security-advisories (vendor-advisory)