216.73.216.169

CVE-2025-59094

· Published 26/01/2026 10:16 · Modified 26/01/2026 15:03

Labels: CVE-2025-59094 2026-01-26551230f0-3615-47bd-b7cc-93e92e730bbfCVE-2025-59094CWE-269

Essential information

Published
26/01/2026 10:16
Modified
26/01/2026 15:03
Author
Creator
CVSS
8.4 HIGH (v3) 8.4 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe). Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM privileges.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
551230f0-3615-47bd-b7cc-93e92e730bbf
NVD
View on NVD

Affected products (CPE)

ProductCPE
kaba / exos 9300 system management application cpe:2.3:a:kaba:exos_9300_system_management_application:*:*:*:*:*:*:*:*

References