Siemens SiPass

MonitorCVSS 6.2ICS-CERT ICSA-25-148-01May 23, 2025

Siemens

Attack path

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

SiPass integrated ACC (Advanced Central Controller) devices do not properly verify the integrity of firmware updates. This allows an attacker to upload maliciously modified firmware to the device without detection, potentially gaining full control over the access control system. Affected products are the ACC-G2 (AC5102) and ACC-AP models across all versions. No firmware updates are planned by Siemens to address this vulnerability.

What this means

What could happen

An attacker with local access to the device could upload maliciously modified firmware without detection, gaining complete control over the access controller and potentially preventing legitimate users from entering secured facilities or unlocking doors.

Who's at risk

Facility security teams and building operators using Siemens SiPass integrated access control systems, particularly those managing door locks, badge readers, and access permissions for security-sensitive areas such as data centers, manufacturing plants, and office buildings.

How it could be exploited

An attacker with local or network access to the SiPass ACC device could craft a modified firmware image and upload it via the management interface. Without firmware integrity verification, the device would accept and execute the malicious code, allowing the attacker to gain full control of the access control system.

Prerequisites

Local or network access to the SiPass ACC device management interface
Ability to initiate firmware upload process

No patch available (end-of-life products)Local access exploitation pathLow technical complexity to exploitCould compromise physical security of facilities

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (2)

2 EOL

ProductAffected VersionsFix Status

SiPass integrated AC5102 (ACC-G2)All versionsNo fix (EOL)

SiPass integrated ACC-APAll versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGEnable TLS encryption for all communication between management servers and SiPass ACC devices to prevent on-path interception and modification of firmware during upload

HARDENINGRestrict network access to the SiPass ACC device management interface using firewall rules; allow updates only from authorized management workstations on dedicated administrative network segments

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGImplement strict change control procedures for any firmware updates; verify firmware sources and store only authorized updates in a secure, offline repository

Mitigations - no patch available

0/1

The following products have reached End of Life with no planned fix: SiPass integrated AC5102 (ACC-G2), SiPass integrated ACC-AP. Apply the following compensating controls:

HARDENINGPhysically isolate SiPass ACC devices behind firewalls and implement network segmentation to prevent direct access from business networks or untrusted sources

CVEs (1)

CVE-2022-31807

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e6591cfd-38d1-4c9d-a033-19aaf8fe932e

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.