CVE-2025-27392
published 2025-03-11CVE-2025-27392: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when…
high8.6CVSS 4.0
AVNACLATNPRHUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations.
This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | scalance_lpe9403 | < V4.0 | V4.0 |
| siemens | scalance_lpe9403_firmware | < 4.0 | 4.0 |