CVE-2025-4994

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration.

CVSS

No CVSS.

References

Link	Resource
https://www.schutzwerk.com/en/blog/schutzwerk-sa-2025-001/

Configurations

No configuration.

History

22 Jun 2026, 10:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-22 10:16

Updated : 2026-06-22 19:49

NVD link : CVE-2025-4994

Mitre link : CVE-2025-4994

CVE.ORG link : CVE-2025-4994

JSON object : View

Products Affected

No product.

CWE

CWE-305

Authentication Bypass by Primary Weakness

{"id": "CVE-2025-4994", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-4994", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2026-06-22T12:25:04.852373Z"}}], "cvssMetricV40": [{"type": "Secondary", "source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "affectedData": [{"vendor": "SafeLine", "product": "SafeLine SL6/SL6+", "versions": [{"status": "affected", "version": "4.82", "lessThan": "4.97", "versionType": "custom"}], "defaultStatus": "unaffected"}]}], "published": "2026-06-22T10:16:17.673", "references": [{"url": "https://www.schutzwerk.com/en/blog/schutzwerk-sa-2025-001/", "source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423", "description": [{"lang": "en", "value": "CWE-305"}]}], "descriptions": [{"lang": "en", "value": "The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration."}], "lastModified": "2026-06-22T19:49:09.490", "sourceIdentifier": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423"}

CVE-2025-4994

JSON object

Attach tags to CVE-2025-4994

Attach tags to `CVE-2025-4994`