CVE-2025-27494

CRITICAL 9.1 (CVSS 3.1)
Published: 2025-03-11

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

Analysis Generated: Mar 12, 2026 - 19:52 (vuln.today)
CVE Published: Mar 11, 2025 - 10:15 (nvd), scored CRITICAL 9.1

Description

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Analysis

Siemens SiPass integrated access controllers (AC5102 ACC-G2 and ACC-AP, all versions before V6.4.9) let an authenticated administrator of the device's REST API escalate to root through OS command injection in the pubkey endpoint. The CVSS base score stays at 9.1 despite the high privileges required (PR:H) because the scope is changed (S:C): the vulnerable component is the web application's administrative API, but the impacted component is the controller's underlying operating system, so a compromised or malicious application administrator gains full control of the device rather than just its configuration.

Technical Context

The pubkey endpoint of the REST API accepts administrator-supplied input and passes it into a system command without validating or sanitizing it. The record classifies the weakness as CWE-20 (Improper Input Validation); the behaviour described, attacker-controlled data reaching a shell, is OS command injection (CWE-78). Because the service that runs the command executes as root, an authenticated administrator can inject shell metacharacters and have arbitrary commands executed with root privileges, escalating from application-level administration to full control of the device. The exact command the firmware builds is not published in the advisory; only the input path (the pubkey endpoint) and the outcome (root command execution) are.
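The following is an added illustration of the pattern described above, not Siemens code: the internals of the real pubkey endpoint are not public, so the handler, the authorized_keys target file and the `store_pubkey_*` function names are hypothetical. It shows an uploaded SSH public key interpolated into a shell command (the injectable form) next to a version that validates the key against the SSH public-key wire format and writes it without a shell. The sample key and the injection payload are constructed for the example.

```python
"""Illustrative reconstruction of the CWE-78 pattern behind CVE-2025-27494.

NOT Siemens code. Hypothetical assumption: a REST handler stores an uploaded
SSH public key by appending it to an authorized_keys file via /bin/sh.
"""
import base64
import binascii
import re
import shlex
import struct
import subprocess
import tempfile
from pathlib import Path


# --- Injectable pattern: untrusted input interpolated into a shell command ---
def store_pubkey_vulnerable(key: str, authorized_keys: Path) -> str:
    """Appends `key` through the shell. A key that closes the single quote runs
    arbitrary commands as the service user (root on the affected controllers).
    Returns whatever the shell printed to stdout."""
    cmd = f"echo '{key}' >> {shlex.quote(str(authorized_keys))}"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


# --- Hardened pattern: strict validation, then a direct write with no shell ---
KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")
PUBKEY_RE = re.compile(
    r"^(?P<type>[a-z0-9-]+) (?P<blob>[A-Za-z0-9+/]+={0,2})"
    r"(?: (?P<comment>[A-Za-z0-9@._-]{1,64}))?$")


def validate_pubkey(key: str) -> bool:
    """Accepts only '<type> <base64 blob> [comment]' where the decoded blob's
    first RFC 4253 string names the same algorithm as the type field."""
    m = PUBKEY_RE.fullmatch(key.strip())
    if not m or m.group("type") not in KEY_TYPES:
        return False
    try:
        blob = base64.b64decode(m.group("blob"), validate=True)
    except (binascii.Error, ValueError):
        return False
    if len(blob) < 4:
        return False
    (name_len,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + name_len] == m.group("type").encode()


def store_pubkey_hardened(key: str, authorized_keys: Path) -> bool:
    """Validates the key, then appends it with plain file I/O. Shell
    metacharacters never reach an interpreter."""
    if not validate_pubkey(key):
        return False
    with authorized_keys.open("a") as fh:
        fh.write(key.strip() + "\n")
    return True


def make_sample_key() -> str:
    """Constructed sample: a syntactically valid ssh-ed25519 line whose 32-byte
    key body is a dummy constant (not a real key)."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + b"\x11" * 32
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " admin@example"


# Constructed payload: closes the quote, chains a command, reopens the quote.
INJECTION = "ssh-ed25519 AAAA'; echo INJECTED; echo '"


def demo() -> dict:
    """Runs both handlers against the payload and a valid key in a temp dir."""
    with tempfile.TemporaryDirectory() as d:
        ak = Path(d) / "authorized_keys"
        ak.touch()
        shell_output = store_pubkey_vulnerable(INJECTION, ak)
        rejected = not store_pubkey_hardened(INJECTION, ak)
        accepted = store_pubkey_hardened(make_sample_key(), ak)
        content = ak.read_text()
    return {
        "vulnerable_ran_injected_command": "INJECTED" in shell_output,
        "hardened_rejected_payload": rejected,
        "hardened_accepted_valid_key": accepted,
        "stored_file": content,
    }


if __name__ == "__main__":
    print(demo())
```

The echo of "INJECTED" appears on the vulnerable handler's stdout, which is the shell executing attacker text; on the real device that text would run as root. The hardened handler rejects the same input because it is neither well-formed base64 nor a blob whose embedded algorithm name matches the declared type, and even a well-formed key is written with file I/O rather than a command line.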

Affected Products

SiPass integrated AC5102 (ACC-G2) < V6.4.9, SiPass integrated ACC-AP < V6.4.9

Remediation

Update the AC5102 (ACC-G2) and ACC-AP controllers to SiPass integrated V6.4.9 or later. Until then, restrict access to the controllers' REST API to trusted management networks, since any administrator credential is effectively a root credential on an unpatched device. Audit administrator account usage and API activity, require MFA for administrative access where the deployment supports it, and rotate administrator credentials if misuse is suspected.

Priority Score

46 (scale: Low / Medium / High / Critical)
Components: CVSS +46, EPSS +0.3, KEV 0, POC 0
