A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.
An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd
process.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/html/ssa-327438.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
30 May 2025, 17:07
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/html/ssa-327438.html - Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
Summary |
|
|
CPE | cpe:2.3:o:siemens:scalance_lpe9403_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:* |
|
First Time |
Siemens scalance Lpe9403 Firmware
Siemens Siemens scalance Lpe9403 |
13 May 2025, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-13 10:15
Updated : 2025-05-30 17:07
NVD link : CVE-2025-40575
Mitre link : CVE-2025-40575
CVE.ORG link : CVE-2025-40575
JSON object : View
Products Affected
siemens
- scalance_lpe9403
- scalance_lpe9403_firmware
CWE