Unauthenticated TCP Socket Vulnerability in Access Manager from dormakaba
CVE-2025-59098

8.7HIGH

What is CVE-2025-59098?

The Access Manager from dormakaba has a vulnerability that exposes sensitive data through a continuously broadcasting TCP socket that uses neither authentication nor encryption. A tool named TraceClient.exe, provided through the Access Manager web interface, connects to this socket, so an attacker with network-level access can retrieve the broadcast data. This includes sensitive data such as Card IDs and PINs entered at Registration units, which are exposed if the verbosity level is misconfigured or can be guessed via the SOAP interface. Proper security measures should be employed to mitigate unauthorized access and ensure sensitive data integrity.


Affected Version(s)

Access Manager 92xx-k5 92xx-K5: <XAMB 04.06.212

Access Manager 92xx-k7 92xx-K7: <BAME 05.02.156

References

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Clemens Stockenreitner, SEC Consult Vulnerability Lab
Werner Schober, SEC Consult Vulnerability Lab