CVE-2025-59109
MEDIUM EPSS 36.3%
Published Jan 26, 20265mo ago · Modified Jun 17, 20262w ago
5.1 CVSS 4.0
Published Jan 26, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago
Description
The dormakaba registration units 9002 (PIN Pad Units) have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an attacker is easily able to remove the device, install a hardware implant which connects to the UART and exfiltrates the data exposed via UART to another system (e.g. via WiFi).
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Attack Vector Physical
Attack Complexity Low
Privileges Required None
User Interaction A
Scope X
Threat Intelligence
EPSS Exploit Probability
36.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-1295
References 4
- seclists.org http://seclists.org/fulldisclosure/2026/Jan/24
- r.sec-consult.com https://r.sec-consult.com/dkaccess
- r.sec-consult.com https://r.sec-consult.com/dormakaba
- dormakabagroup.com https://www.dormakabagroup.com/en/security-advisories
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.