CVE-2025-4994
Published: 22 June 2026
Summary
CVE-2025-4994 is a high-severity Authentication Bypass by Primary Weakness (CWE-305) vulnerability in Schutzwerk (inferred from references). Its CVSS base score is 8.7 (High).
Operationally, ranked at the 10.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-210297
Vulnerability details
The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently,…
more
an attacker within wireless range can gain unauthorized administrative access to the device configuration.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.