CVE-2025-59100 MEDIUM

CVE-2025-59100: Unauthenticated Access to the SQLite Database in dormakaba access manager

Vendor Dormakaba
Product Access Manager 92xx-k5
Weakness CWE-285
Published January 26, 2026
Last update January 26, 2026

CVSS base score

5.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

The web interface offers a function to export the internal SQLite database. After the export is executed, an automatic download starts and the device reboots. After the reboot, the exported database is deleted and can no longer be accessed. However, it was observed that the device sometimes does not reboot, so the exported database is not deleted, or the device reboots and the export is not deleted for unknown reasons. The path where the database export is located can be accessed without prior authentication. As a result, an attacker might be able to access the exported database without authenticating. The database includes sensitive data such as passwords, card PINs, encrypted Mifare sitekeys and much more.

Key dates

02 Disclosure timeline

January 26, 2026 CVE published
January 26, 2026 Record updated