CVE-2024-58311
Predictable Key Generation in Dormakaba Saflok 6000 Enables Unauthorized Access
Publication date: 2025-12-12
Last updated on: 2025-12-12
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dormakaba | saflok_system_6000 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1245 | Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by reading the unique 32-bit identifiers (UIDs) of Dormakaba Saflok System 6000 cards and checking whether the card keys match the output of the predictable key generation algorithm described. Specifically, the exploit code from ExploitDB-51832, which takes a 32-bit UID as input and outputs the derived 6-byte key, can help determine whether keys are predictable. Because the exploit is a local hardware attack, detection involves capturing or reading card UIDs and running the key derivation algorithm against them. No specific network commands are provided; running the provided C program with card UIDs is the suggested method. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are not explicitly detailed in the provided resources. However, given the vulnerability stems from a predictable key generation algorithm, recommended actions would include restricting physical access to cards and readers to prevent attackers from obtaining UIDs, monitoring for unauthorized access attempts, and contacting Dormakaba for firmware updates or patches addressing the cryptographic weakness. Since the vulnerability allows key derivation from UIDs, replacing or updating the system to use a more secure key generation method is advisable. [3]
Can you explain this vulnerability to me?
This vulnerability in Dormakaba Saflok System 6000 involves a predictable key generation algorithm. Attackers can derive card access keys from a 32-bit unique identifier by exploiting the deterministic nature of the key generation process, allowing them to calculate valid access keys using a simple mathematical transformation of the card's unique identifier.
How can this vulnerability impact me?
The vulnerability allows attackers to generate valid access keys, potentially granting unauthorized access to secured areas protected by the Dormakaba Saflok System 6000. This can lead to security breaches, unauthorized entry, and compromise of physical security.