VDB
CVE-2024-52285
CVE-2024-52285
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8), SiPass integrated ACC-AP (All versions < V6.4.8). Affected devices expose several MQTT URLs without authentication. This could allow an unauthenticated remote attacker to access sensitive data.
EPSS 0.32% · 55.1th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.32%
55.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SiPass integrated ACC-AP | 0 |
| Siemens | SiPass integrated AC5102 (ACC-G2) | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-52285 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-515903.html (circl)
Timeline
- Mar 11, 2025 CVE Published
- Mar 12, 2025 EPSS Score
- Mar 13, 2025 PoC Published
- Mar 18, 2025 Coalition ESS Score
- Mar 26, 2025 EPSS Score
- Apr 8, 2025 EPSS Score
- Apr 22, 2025 EPSS Score
- May 5, 2025 EPSS Score
- May 19, 2025 EPSS Score
- Jun 2, 2025 EPSS Score
- Jun 15, 2025 EPSS Score
- Jun 29, 2025 EPSS Score