Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
Dormakaba Saflok System 6000 Predictable Key Generation Vulnerability
Vulnerability
A vulnerability exists in the Dormakaba Saflok System 6000 due to a predictable key generation algorithm. This flaw allows attackers to derive card access keys from the card's 32-bit unique identifier. Because key generation is deterministic, applying a simple mathematical transformation to the unique identifier yields valid access keys.
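The design flaw described above, as an added example that is not from the original advisory or from Dormakaba: a key computed from the UID alone, next to a key diversified with an issuer-held secret, plus an audit check that tells the two apart. The unkeyed function is a toy stand-in and not the Saflok transformation; the 6-byte key length, the function names and the sample UIDs are assumptions.

```python
import hashlib
import hmac

KEY_LEN = 6  # assumed key length in bytes, for illustration only


def parse_uid(uid_hex: str) -> bytes:
    """Parse a 32-bit card UID given as 8 hex digits."""
    uid = bytes.fromhex(uid_hex)
    if len(uid) != 4:
        raise ValueError("UID must be exactly 32 bits (8 hex digits)")
    return uid


def unkeyed_key(uid: bytes) -> bytes:
    """Weak pattern: the key is a public function of the UID alone.
    Toy stand-in (truncated SHA-256), NOT the Saflok transformation."""
    return hashlib.sha256(uid).digest()[:KEY_LEN]


def diversified_key(master_secret: bytes, uid: bytes) -> bytes:
    """Hardened pattern: the key also depends on a secret held by the issuer."""
    mac = hmac.new(master_secret, b"card-key-v1" + uid, hashlib.sha256)
    return mac.digest()[:KEY_LEN]


def keys_predictable_from_uid(cards, candidate=unkeyed_key) -> bool:
    """Audit check over (uid_hex, key) pairs: True if every issued key is
    reproducible from its UID with a secret-free function, meaning that
    reading the UID is enough to obtain the key."""
    return bool(cards) and all(
        hmac.compare_digest(candidate(parse_uid(u)), k) for u, k in cards
    )


# Constructed sample data: these UIDs are made up, not read from real cards.
SAMPLE_UIDS = ["01020304", "a1b2c3d4", "deadbeef"]
MASTER = bytes(range(32))  # constructed demo secret; generate randomly in practice

WEAK_FLEET = [(u, unkeyed_key(parse_uid(u))) for u in SAMPLE_UIDS]
STRONG_FLEET = [(u, diversified_key(MASTER, parse_uid(u))) for u in SAMPLE_UIDS]

if __name__ == "__main__":
    print("unkeyed fleet predictable:", keys_predictable_from_uid(WEAK_FLEET))
    print("diversified fleet predictable:", keys_predictable_from_uid(STRONG_FLEET))
```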
Impact
Exploitation of this vulnerability allows for unauthorized access by deriving valid card access keys, which can be used to gain entry into secured areas or systems.
Reproduction
The vulnerability can be reproduced by inputting a 32-bit unique identifier in hexadecimal format into a provided exploit tool. This tool applies the mathematical transformation needed to generate the corresponding access key, which can then be used to bypass security measures that rely on card access authentication.
