CVE-2024-52285 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-52285 PUBLISHED CVSS 5.300000190734863 MEDIUM

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8), SiPass integrated ACC-AP (All versions < V6.4.8). Affected devices expose several MQTT URLs without authentication. This could allow an unauthenticated remote attacker to access sensitive data.

EPSS 0.05% · 16.8th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.05%

16.8th percentile

Affected Products

Vendor	Product	Versions
Siemens	SiPass integrated ACC-AP	0
Siemens	SiPass integrated AC5102 (ACC-G2)	0

Timeline

Mar 11, 2025 CVE Published
Mar 11, 2025 CVE Updated
Mar 12, 2025 EPSS Score
Mar 13, 2025 PoC Published
Mar 18, 2025 Coalition ESS Score
Mar 25, 2025 EPSS Score
Apr 7, 2025 EPSS Score
Apr 20, 2025 EPSS Score
May 3, 2025 EPSS Score
May 16, 2025 EPSS Score
May 29, 2025 EPSS Score
Jun 11, 2025 EPSS Score

References

Open in Interactive Console →