{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T02:31:07.796","vulnerabilities":[{"cve":{"id":"CVE-2025-59093","sourceIdentifier":"551230f0-3615-47bd-b7cc-93e92e730bbf","published":"2026-01-26T10:16:06.723","lastModified":"2026-06-17T09:45:32.333","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Exos 9300 instances are using a randomly generated database password to connect to the configured MSSQL server. The password is derived from static random values, which are concatenated to the hostname and a random string that can be read by every user from the registry. This allows an attacker to derive the database password and get authenticated access to the central exos 9300 database as the user Exos9300Common. The user has the roles ExosDialog and ExosDialogDotNet assigned, which are able to read most tables of the database as well as update and insert into many tables."},{"lang":"es","value":"Las instancias de Exos 9300 están utilizando una contraseña de base de datos generada aleatoriamente para conectarse al servidor MSSQL configurado. La contraseña se deriva de valores aleatorios estáticos, que se concatenan al nombre de host y a una cadena aleatoria que puede ser leída por cualquier usuario del registro. Esto permite a un atacante derivar la contraseña de la base de datos y obtener acceso autenticado a la base de datos central de Exos 9300 como el usuario Exos9300Common. El usuario tiene asignados los roles ExosDialog y ExosDialogDotNet, los cuales pueden leer la mayoría de las tablas de la base de datos, así como actualizar e insertar en muchas tablas."}],"affected":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","affectedData":[{"vendor":"dormakaba","product":"Kaba exos 9300","defaultStatus":"affected","versions":[{"version":"All versions, manual mitigation needed!","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-26T17:24:45.795517Z","id":"CVE-2025-59093","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","type":"Secondary","description":[{"lang":"en","value":"CWE-656"}]}],"references":[{"url":"https://r.sec-consult.com/dkexos","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"},{"url":"https://r.sec-consult.com/dormakaba","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"},{"url":"https://www.dormakabagroup.com/en/security-advisories","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"}]}}]}