What is CVE-2025-27494?

CVE-2025-27494 (CVSS score 9.4) is an Improper Input Validation vulnerability. Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This allows authenticated remote administrators to escalate privileges by injecting arbitrary commands, which are executed with root privileges.

What is CVE-2025-27493?

CVE-2025-27493 (CVSS score 9.3) is an Improper Input Validation vulnerability. Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This allows authenticated local administrators to escalate privileges by injecting arbitrary commands, which are executed with root privileges.

What is CVE-2024-52285?

CVE-2024-52285 (CVSS score 6.9) is a Missing Authentication for Critical Function vulnerability. Affected devices expose several MQTT URLs without authentication, allowing unauthenticated remote attackers to access sensitive data.

Which Siemens products are affected by these vulnerabilities?

Affected products include: Siemens SiPass integrated AC5102 (ACC-G2) - all versions prior to V6.4.8 for CVE-2024-52285 and all versions prior to V6.4.9 for CVE-2025-27493 and CVE-2025-27494; Siemens SiPass integrated ACC-AP - all versions prior to V6.4.8 for CVE-2024-52285 and all versions prior to V6.4.9 for CVE-2025-27493 and CVE-2025-27494.

What patches has Siemens released for these vulnerabilities?

Siemens has released patches and recommends users take the following specific actions: 1) Update SiPass integrated AC5102 (ACC-G2) and ACC-AP to V6.4.8 or later to address CVE-2024-52285; 2) Update SiPass integrated AC5102 (ACC-G2) and ACC-AP to V6.4.9 or later to address CVE-2025-27493 and CVE-2025-27494.

Are there any additional mitigations for these vulnerabilities?

Yes, Siemens recommends setting an individual strong password for the administrator account 'SIEMENS' to mitigate CVE-2025-27493 and CVE-2025-27494.

Advisory

Siemens reports critical flaws in SiPass access control products

Q: What security vulnerabilities has Siemens fixed in their SiPass products?

Siemens has fixed multiple security vulnerabilities affecting their SiPass integrated access control products, potentially allowing attackers to execute commands with root privileges and access sensitive data. The vulnerabilities were reported to Siemens by Airbus Security.

published: March 14, 2025

Take action: If you are running SiPass integrated access control products, make sure the API interface and telnet is well isolated and can communicate ONLY to trusted networks/systems. No access from the internet. Then plan a patch.

Learn More

Siemens hs fixed multiple security vulnerabilities affecting their SiPass integrated access control products potentially allowing attackers to execute commands with root privileges and access sensitive data. The vulnerabilities were reported to Siemens by Airbus Security.

Vulnerability summary

CVE-2025-27494 (CVSS score 9.4) - Improper Input Validation. Affected devices improperly sanitize input for the pubkey endpoint of the REST API. Allows authenticated remote administrators to escalate privileges by injecting arbitrary commands. Commands are executed with root privileges
CVE-2025-27493 (CVSS score 9.3) - Improper Input Validation. Affected devices improperly sanitize user input for specific commands on the telnet command line interface. Allows authenticated local administrators to escalate privileges by injecting arbitrary commands. Commands are executed with root privileges.
CVE-2024-52285 (CVSS score 6.9) - Missing Authentication for Critical Function. Affected devices expose several MQTT URLs without authentication. Allows unauthenticated remote attackers to access sensitive data

Affected Products

Siemens SiPass integrated AC5102 (ACC-G2): All versions prior to V6.4.8 (for CVE-2024-52285)
Siemens SiPass integrated AC5102 (ACC-G2): All versions prior to V6.4.9 (for CVE-2025-27493, CVE-2025-27494)
Siemens SiPass integrated ACC-AP: All versions prior to V6.4.8 (for CVE-2024-52285)
Siemens SiPass integrated ACC-AP: All versions prior to V6.4.9 (for CVE-2025-27493, CVE-2025-27494)

Siemens has released patches and recommends users take the following specific actions:

Update SiPass integrated AC5102 (ACC-G2) and ACC-AP to V6.4.8 or later to address CVE-2024-52285
Update SiPass integrated AC5102 (ACC-G2) and ACC-AP to V6.4.9 or later to address CVE-2025-27493 and CVE-2025-27494
Set an individual strong password for the administrator account "SIEMENS" to mitigate CVE-2025-27493 and CVE-2025-27494

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.

Siemens reports critical flaws in SiPass access control products

Read More
Rockwell Automation patches two critical vulnerabilities in Pavilion8
Multiple exploited critical vulnerabilities reported in PTZOptics and …
Critical authentication bypass in Güralp Systems seismic monitoring …
Multiple vulnerabilities reported in Hitachi Energy Asset Suite, …
Multiople Flaws Reported in Mobiliti EV Charging Infrastructure