Description
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe). Within this application it is possible to specify an arbitrary executable, together with the weekday and start time at which that executable should be run with SYSTEM privileges.
References (3)
Core References
Various Sources, technical-description: https://r.sec-consult.com/dormakaba
Various Sources, third-party-advisory: https://r.sec-consult.com/dkexos
Various Sources, vendor-advisory: https://www.dormakabagroup.com/en/security-advisories
Scores
CVSS v4: 8.4
CVSS v4 vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0.0017
EPSS Percentile: 6.5%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-269
Status: published
Products (1): dormakaba/Kaba exos 9300 (All versions, manual mitigation needed!)
Published: Jan 26, 2026
Tracked Since: Feb 18, 2026