Security Advisory

CVE-2025-59107

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-26 10:06:22

Last updated 2026-01-26 15:38:11

Assigner SEC-VLab

State PUBLISHED

Description

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be extracted. This password was valid for multiple observed firmware versions.

← Browse all CVEs View on cve.org ↗