A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass integrated ACC-AP (All versions). Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a remote attacker who is able to intercept the transfer of a valid firmware from the server to the device could modify the firmware "on the fly".
2025-05-23T15:15:21.220
2025-08-22T19:41:25.447
Analyzed
CVSSv3.1: 6.2 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | siemens | sipass_integrated_ac5102_\(acc-g2\)_firmware | * | Yes |
| Hardware | siemens | sipass_integrated_ac5102_\(acc-g2\) | - | No |
| Operating System | siemens | sipass_integrated_acc-ap_firmware | * | Yes |
| Hardware | siemens | sipass_integrated_acc-ap | - | No |