Siemens

Scalance Lpe9403 Firmware

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2025-40573

  • EPSS 0.03%
  • Veröffentlicht 13.05.2025 09:38:56
  • Zuletzt bearbeitet 08.07.2025 11:15:27

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the b...

6.8

CVE-2025-40572

  • EPSS 0.02%
  • Veröffentlicht 13.05.2025 09:38:55
  • Zuletzt bearbeitet 08.07.2025 11:15:27

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to critical ressources. This could allow a non-privileged local attacker to access sensitive ...

2.7

CVE-2025-27398

  • EPSS 0.06%
  • Veröffentlicht 11.03.2025 09:48:30
  • Zuletzt bearbeitet 22.08.2025 17:51:58

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-...

3.8

CVE-2025-27397

  • EPSS 0.06%
  • Veröffentlicht 11.03.2025 09:48:28
  • Zuletzt bearbeitet 22.08.2025 17:58:09

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticate...

8.8

CVE-2025-27396

  • EPSS 0.19%
  • Veröffentlicht 11.03.2025 09:48:27
  • Zuletzt bearbeitet 22.08.2025 18:01:30

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. This could allow an authenticated...

6.5

CVE-2025-27395

  • EPSS 0.13%
  • Veröffentlicht 11.03.2025 09:48:26
  • Zuletzt bearbeitet 22.08.2025 18:04:09

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authen...

7.2

CVE-2025-27394

  • EPSS 0.48%
  • Veröffentlicht 11.03.2025 09:48:24
  • Zuletzt bearbeitet 22.08.2025 18:04:34

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacke...

7.2

CVE-2025-27393

  • EPSS 0.48%
  • Veröffentlicht 11.03.2025 09:48:23
  • Zuletzt bearbeitet 22.08.2025 18:05:18

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to ...

7.2

CVE-2025-27392

  • EPSS 0.48%
  • Veröffentlicht 11.03.2025 09:48:22
  • Zuletzt bearbeitet 25.08.2025 01:28:47

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remo...

2.7

CVE-2023-27410

  • EPSS 0.07%
  • Veröffentlicht 09.05.2023 13:15:16
  • Zuletzt bearbeitet 21.11.2024 07:52:51

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. ...