CVE 8.7 HIGH

Authentication Bypass for SafeLine SL6 and SL6+_CVE-2025-4994

June 22, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration.

AI Analysis

Authentication bypass vulnerability in SafeLine SL6 and SL6+ devices, allowing unauthorized access to device configuration via Bluetooth Low Energy (BLE) interface.

Basic Information

ID CVE-2025-4994

Source SCHUTZWERK

Published Jun 22, 2026 at 08:10

Affected Product

Vendor SafeLine

Product SafeLine SL6/SL6+

Version 4.82

Affected Versions SafeLine SafeLine SL6/SL6+ 4.82

CWE Classification

CWE-305

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor SafeLine

Product SafeLine SL6/SL6+

Version 4.82

References

www.schutzwerk.com /en/blog/schutzwerk-sa-2025-001/

{
    "lastseen": "",
    "description": "The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration.",
    "published": "2026-06-22T08:10:29.737Z",
    "modified": "2026-06-22T08:10:29.737Z",
    "type": "cve",
    "title": "Authentication Bypass for SafeLine SL6 and SL6+",
    "source": "SCHUTZWERK",
    "references": "https://www.schutzwerk.com/en/blog/schutzwerk-sa-2025-001/",
    "id": "CVE-2025-4994",
    "bulletinFamily": "",
    "cwe": [
        "CWE-305"
    ],
    "cvelist": null,
    "sourceData": "SafeLine SafeLine SL6/SL6+ 4.82",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SafeLine SL6/SL6+",
    "version": "4.82",
    "vendor": "SafeLine",
    "ai_description": "Authentication bypass vulnerability in SafeLine SL6 and SL6+ devices, allowing unauthorized access to device configuration via Bluetooth Low Energy (BLE) interface.",
    "ai_severity": "High",
    "ai_vendor": "SafeLine",
    "ai_product": "SafeLine SL6/SL6+",
    "ai_version": "4.82",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply