CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31807

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass integrated ACC-AP (All versions). Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a remote attacker who is able to intercept the transfer of a valid firmware from the server to the device could modify the firmware "on the fly".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.4%

CVSS Severity

CVSS v3 Score 6.2

References

https://cert-portal.siemens.com/productcert/html/ssa-367714.html

Products affected by CVE-2022-31807

Siemens » Sipass Integrated Ac5102 (Acc-G2) » Version: N/A

cpe:2.3:h:siemens:sipass_integrated_ac5102_(acc-g2):-
Siemens » Sipass Integrated Acc-Ap » Version: N/A

cpe:2.3:h:siemens:sipass_integrated_acc-ap:-
Siemens » Sipass Integrated Ac5102 (Acc-G2) Firmware » Version: N/A

cpe:2.3:o:siemens:sipass_integrated_ac5102_(acc-g2)_firmware:-
Siemens » Sipass Integrated Ac5102 (Acc-G2) Firmware » Version: 2.85.44

cpe:2.3:o:siemens:sipass_integrated_ac5102_(acc-g2)_firmware:2.85.44
Siemens » Sipass Integrated Acc-Ap Firmware » Version: N/A

cpe:2.3:o:siemens:sipass_integrated_acc-ap_firmware:-
Siemens » Sipass Integrated Acc-Ap Firmware » Version: 2.85.43

cpe:2.3:o:siemens:sipass_integrated_acc-ap_firmware:2.85.43

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31807

Products

Pricing

Contact Us