OTPulse
FeedAboutContact

Siemens SiPass

Monitor6.2ICS-CERT ICSA-25-148-01May 23, 2025
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

SiPass integrated ACC (Advanced Central Controller) devices—both AC5102 (ACC-G2) and ACC-AP models—do not validate the integrity of firmware updates. This allows an attacker positioned on the network between the controller and its management server to intercept firmware update traffic, modify it with malicious code, and upload it to the device without detection. No vendor patches are available for these products.

What this means
What could happen
An attacker with access to the network path between a SiPass ACC controller and its management server could upload malicious firmware to the device, potentially giving them control over access control operations or other functions the device manages.
Who's at risk
Physical access control operators and facilities managers relying on SiPass integrated ACC-G2 or ACC-AP controllers for building security and entry systems. These are typically found in corporate facilities, government buildings, data centers, and critical infrastructure sites where controlled access is required.
How it could be exploited
An attacker positioned on the network between the SiPass ACC device and its management server intercepts the firmware update communication, modifies the firmware to include malicious commands, and sends the altered firmware to the device. Since the device does not validate firmware integrity, it accepts and installs the malicious firmware.
Prerequisites
  • Network access to communication path between SiPass ACC device and management server (on-path position)
  • Firmware update process must be initiated or in progress
  • TLS/encryption not enabled on the update channel
No patch availableOn-path attack (requires network position but no device compromise first)Could affect safety-critical access control systemsLow complexity attack if encryption is not enabled
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 EOL
ProductAffected VersionsFix Status
SiPass integrated AC5102 (ACC-G2)All versionsNo fix (EOL)
SiPass integrated ACC-APAll versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/3
HARDENINGEnable TLS encryption for all communication between SiPass ACC management servers and affected devices
HARDENINGRestrict network access to SiPass ACC devices to only authorized management workstations and servers
WORKAROUNDIf remote management access is required, use a VPN connection instead of direct internet access
Mitigations - no patch available
0/1
The following products have reached End of Life with no planned fix: SiPass integrated AC5102 (ACC-G2), SiPass integrated ACC-AP. Apply the following compensating controls:
HARDENINGIsolate SiPass ACC network segments from business networks using firewalls and network segmentation
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e6591cfd-38d1-4c9d-a033-19aaf8fe932e
Siemens SiPass | CVSS 6.2 - OTPulse