ГлавнаяУязвимости → CVE-2025-27493
8.2высокая

CVE-2025-27493

Описание

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Затрагиваемое ПО
Siemens Sipass integrated ac5102 \(acc-g2\) firmwareSiemens Sipass integrated ac5102 \(acc-g2\)Siemens Sipass integrated acc-ap firmwareSiemens Sipass integrated acc-ap
CVSS
Балл8.2 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Источники
https://cert-portal.siemens.com/productcert/html/ssa-515903.html