OTPulse

Siemens SiPass Integrated

Plan Patch · CVSS 8.8 · ICS-CERT ICSA-25-289-06 · Oct 14, 2025
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

SiPass integrated contains multiple vulnerabilities that allow an unauthenticated attacker on the same network segment to achieve arbitrary code execution, exploit user accounts, manipulate access control data, impersonate users, or compromise the SiPass server. The vulnerabilities are related to insufficient input validation (CWE-119, CWE-79), weak credential handling (CWE-257), and improper access control (CWE-639). These are not remotely exploitable from the internet but require local network access.

What this means
What could happen
An unauthenticated attacker on the same network segment as the SiPass server could exploit multiple vulnerabilities to execute arbitrary code, impersonate users, manipulate access control data, or compromise user accounts, potentially disrupting physical access control and facility security operations.
Who's at risk
This affects facility access control system operators and security managers running SiPass integrated versions 2.95 or 3.0. Physical access control systems are critical safety infrastructure that prevent unauthorized entry to sensitive areas, control rooms, and utility infrastructure. Compromise could allow an attacker to unlock doors, disable alarms, create fraudulent access credentials, or lock legitimate users out of facilities.
How it could be exploited
An attacker needs network access (adjacent network segment) to the SiPass integrated server. They can exploit authentication or input validation weaknesses to upload a malicious image file or craft a network request that bypasses authentication checks, leading to code execution or account compromise on the server.
Prerequisites
  • Network access to SiPass integrated server (same network segment or adjacent network)
  • Ability to upload untrusted image files or send crafted network requests to the affected server
  • No valid credentials required
  • No authentication required
  • Low complexity attack
  • Can manipulate access control data
  • Can impersonate users
  • Affects physical security and access control systems
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
SiPass integrated V2.95 | < 2.95.3.23 | 2.95.3.23
SiPass integrated | < 3.0 | 3.0
Remediation & Mitigation
Do now
SiPass integrated
WORKAROUND: Restrict network access to the SiPass integrated server to authorized and trusted personnel only, using firewall rules or access control lists
All products
WORKAROUND: Disable or restrict the ability to upload image files from untrusted sources until patched
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

SiPass integrated
HOTFIX: Update SiPass integrated to version 3.0 or later
Long-term hardening
SiPass integrated
HARDENING: Implement network segmentation to isolate the SiPass integrated system behind a firewall, separate from business networks and not accessible from the internet
HARDENING: Require VPN or secure remote access methods for any off-site administration of SiPass integrated
Siemens SiPass Integrated | CVSS 8.8 - OTPulse