CVE-2025-59092

Name of the Vulnerable Software and Affected Versions exos 9300 (affected versions not specified)

Description An RPC service, part of exos 9300, is accessible on port 4000 and executed by the process FSMobilePhoneInterface.exe. This service facilitates interprocess communication between services and the Kaba exos 9300 GUI, handling status information related to Access Managers. Interaction with the service does not require authentication, allowing arbitrary status information regarding door contacts to be sent without prior authorization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.