CVE-2022-31807

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass integrated ACC-AP (All versions). Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a remote attacker who is able to intercept the transfer of a valid firmware from the server to the device could modify the firmware "on the fly".

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-367714.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:sipass_integrated_ac5102_\(acc-g2\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sipass_integrated_ac5102_\(acc-g2\):-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:sipass_integrated_acc-ap_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:sipass_integrated_acc-ap:-:*:*:*:*:*:*:*

History

22 Aug 2025, 19:41

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-367714.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-367714.html - Vendor Advisory
First Time		Siemens sipass Integrated Ac5102 \(acc-g2\) Siemens sipass Integrated Acc-ap Firmware Siemens sipass Integrated Acc-ap Siemens sipass Integrated Ac5102 \(acc-g2\) Firmware Siemens
CPE		cpe:2.3:h:siemens:sipass_integrated_acc-ap:-:::::::* cpe:2.3:h:siemens:sipass_integrated_ac5102_\(acc-g2\):-:::::::* cpe:2.3:o:siemens:sipass_integrated_ac5102_\(acc-g2\)_firmware:::::::: cpe:2.3:o:siemens:sipass_integrated_acc-ap_firmware::::::::

23 May 2025, 15:54

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-23 15:15

Updated : 2025-08-22 19:41

NVD link : CVE-2022-31807

Mitre link : CVE-2022-31807

CVE.ORG link : CVE-2022-31807

JSON object : View

Products Affected

siemens

sipass_integrated_ac5102_\(acc-g2\)
sipass_integrated_acc-ap
sipass_integrated_ac5102_\(acc-g2\)_firmware
sipass_integrated_acc-ap_firmware

CWE

CWE-347

Improper Verification of Cryptographic Signature

{"id": "CVE-2022-31807", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.2, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-05-23T15:15:21.220", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-367714.html", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-347"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass integrated ACC-AP (All versions). Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a remote attacker who is able to intercept the transfer of a valid firmware from the server to the device could modify the firmware \"on the fly\"."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SiPass integrado AC5102 (ACC-G2) (todas las versiones) y SiPass integrado ACC-AP (todas las versiones). Los dispositivos afectados no comprueban correctamente la integridad de las actualizaciones de firmware. Esto podr\u00eda permitir que un atacante local cargue un firmware modificado maliciosamente en el dispositivo. En un segundo escenario, un atacante remoto capaz de interceptar la transferencia de un firmware v\u00e1lido del servidor al dispositivo podr\u00eda modificar el firmware sobre la marcha."}], "lastModified": "2025-08-22T19:41:25.447", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sipass_integrated_ac5102_\\(acc-g2\\)_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE7B3F4B-9ABE-428A-B07C-87AB607D6491"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sipass_integrated_ac5102_\\(acc-g2\\):-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0691F0D6-FC6C-41FC-8601-393AECB1E6E9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sipass_integrated_acc-ap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C24675A-3FDC-43CF-A54C-58B7DF03D7B5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sipass_integrated_acc-ap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E714A08-D557-4F6F-B089-89E3FFB7105A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "productcert@siemens.com"}