RPC Service Vulnerability in Kaba exos 9300
CVE-2025-59092

8.7HIGH

Key Information:

Vendor

Dormakaba

Status
Kaba Exos 9300
Vendor
CVE Published:
26 January 2026

What is CVE-2025-59092?

The RPC service running on the Kaba exos 9300 at port 4000, associated with the FSMobilePhoneInterface.exe process, can be accessed without authentication. This service facilitates interprocess communication and exposes critical status information regarding access management systems. By exploiting this vulnerability, attackers can send arbitrary status updates about door contacts, potentially resulting in unauthorized access and manipulation of security protocols within the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Kaba exos 9300 < 4.4.0

References

https://r.sec-consult.com/dormakaba
technical-description
https://r.sec-consult.com/dkexos
third-party-advisory
https://www.dormakabagroup.com/en/security-advisories
vendor-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Clemens Stockenreitner, SEC Consult Vulnerability Lab
Werner Schober, SEC Consult Vulnerability Lab
JSON
.