CVE-2025-4994 · Symaro Security Advisory

Description

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration.

Severity (CVSS)

Base score	8.7
Severity	High
Version	CVSS 4.0
Vector	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Provided by	CNA

Weaknesses

CWE-305 — CWE-305 Authentication bypass by primary weakness

Affected products

Vendor	Product	Versions
SafeLine	SafeLine SL6/SL6+	4.82 to <4.97

References

https://www.schutzwerk.com/en/blog/schutzwerk-sa-2025-001/

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 22 Jun 2026 14:43 UTC.