{"cve":{"cve_id":"CVE-2025-4994","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.002,"epss_percentile":0.09786,"epss_as_of":"2026-06-23","description":"The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy (BLE) interface. Consequently, an attacker within wireless range can gain unauthorized administrative access to the device configuration.","published_at":"2026-06-22T08:10:29.737000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":8.7,"cvss_v4_vector":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","cvss_v4_severity":"HIGH","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-305"],"nvd_references":["https://www.schutzwerk.com/en/blog/schutzwerk-sa-2025-001/"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:27:21.345201Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"A","value_label":"Adjacent"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"H","value_label":"High"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"N","value_label":"None"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"N","value_label":"None"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"}]},"affected":[{"vendor_slug":"safeline","vendor_name":"SafeLine","product_slug":"safeline-sl6-sl6","product_name":"SafeLine SL6/SL6+","version_start":"4.82","version_start_inclusive":true,"version_end":"4.97","version_end_inclusive":false,"cpe23_uri":"cve5:safeline:safeline-sl6-sl6:4.82:4.97"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.schutzwerk.com/en/blog/schutzwerk-sa-2025-001/","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-06-22T08:10:29.737000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:47:23.634638Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:47:23.634638Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:47:23.634638Z","label":"CVSS score revised","source":"cvelistv5"}]}