SiPass CVE-2025-27494
CRITICALSeverity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.
AnalysisAI
Siemens SiPass integrated access control systems (AC5102 ACC-G2 and ACC-AP, before V6.4.9) allow authenticated administrators to escalate to root via command injection in the REST API's pubkey endpoint. While high privileges are required, the scope change enables full system compromise.
Technical ContextAI
The pubkey endpoint of the REST API fails to sanitize administrator-supplied input before passing it to a system command (CWE-20). An authenticated administrator can inject OS commands that execute with root privileges, escalating beyond their intended access level.
Affected ProductsAI
SiPass integrated AC5102 (ACC-G2) < V6.4.9, SiPass integrated ACC-AP < V6.4.9
RemediationAI
Update to SiPass integrated V6.4.9 or later. Restrict admin API access to trusted networks. Audit admin account usage and implement MFA for admin access.
Same weakness CWE-20 – Improper Input Validation
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today