CVE-2025-27494
Published: 11 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-27494 is a vulnerability in SiPass integrated AC5102 (ACC-G2) and SiPass integrated ACC-AP, affecting all versions prior to V6.4.9. The flaw involves improper input sanitization in the pubkey endpoint of the REST API, classified under CWE-20 (Improper Input Validation). It carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating critical severity due to network accessibility, low attack complexity, and high-impact scope changes.
An authenticated remote administrator can exploit this vulnerability over the network with no user interaction required. By sending crafted input to the pubkey endpoint, the attacker injects arbitrary commands that execute with root privileges, enabling privilege escalation from administrator to root and full device compromise, including high confidentiality, integrity, and availability impacts.
Siemens security advisory SSA-515903 provides details on the vulnerability and mitigation. Affected devices should be upgraded to version V6.4.9 or later, which addresses the input sanitization issue. Additional guidance is available at https://cert-portal.siemens.com/productcert/html/ssa-515903.html.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables command injection via a public-facing REST API endpoint (pubkey), allowing an authenticated admin to execute arbitrary commands as root, directly mapping to exploitation of public-facing applications and privilege escalation.