CVE-2025-4994
Deferred
Deferred - Pending Action
Authentication Bypass in SafeLine SL6 via BLE
Vulnerability report for CVE-2025-4994, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-22
Last updated on: 2026-07-07
Assigner: SCHUTZWERK
Description
Description
The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| schΓΌtzwerk | sl6 | From 4.82 (inc) to 4.96 (inc) |
| schΓΌtzwerk | sl6+ | From 4.82 (inc) to 4.96 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-305 | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. |