Siemens SCALANCE LPE9403 Path Traversal Vulnerability Allowing Unauthorized Backup Access

Vulnerability

A path traversal vulnerability has been identified in Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2), affecting all versions. This vulnerability allows a privileged local attacker to access and restore backups located outside the designated backup folder, potentially leading to unauthorized data retrieval.
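The containment check a backup restore routine needs against this class of flaw, as an added example: it is not Siemens code and not taken from the advisory. The directory layout, file names and the function names `resolve_backup` and `demo` are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

class BackupPathError(ValueError):
    """The requested backup does not resolve to a file inside the backup folder."""

def resolve_backup(backup_dir, requested):
    """Return the real path of `requested` if it is a regular file under backup_dir."""
    base = Path(backup_dir).resolve(strict=True)
    # resolve() collapses ".." and follows symlinks; an absolute `requested`
    # replaces `base` in the join, so containment is checked after resolving.
    candidate = (base / requested).resolve()
    # Compare whole path components: "backups_old" is not inside "backups".
    if base not in candidate.parents:
        raise BackupPathError(f"outside backup folder: {requested!r}")
    if not candidate.is_file():
        raise BackupPathError(f"not a backup file: {requested!r}")
    return candidate

def demo():
    """Run the check over a constructed directory tree; return label -> verdict."""
    verdicts = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        backups, sibling = root / "backups", root / "backups_old"
        backups.mkdir()
        sibling.mkdir()
        (backups / "cfg-2025-06-01.tar").write_bytes(b"inside")   # constructed sample
        (sibling / "other.tar").write_bytes(b"outside")           # constructed sample
        os.symlink(sibling / "other.tar", backups / "link.tar")
        cases = {
            "plain name": "cfg-2025-06-01.tar",
            "dot-dot": "../backups_old/other.tar",
            "absolute": str(sibling / "other.tar"),
            "symlink": "link.tar",
            "missing": "missing.tar",
        }
        for label, name in cases.items():
            try:
                resolve_backup(backups, name)
                verdicts[label] = "allowed"
            except BackupPathError:
                verdicts[label] = "rejected"
    return verdicts

if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:10} {verdict}")
```

The restore step should open the resolved path that `resolve_backup` returns, not the original string, so the file that was checked is the file that is read.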

Impact

Exploitation of this vulnerability could result in unauthorized access to backup data, allowing for data restoration from outside the specified backup directory.

Remediation

Currently, no fix is available for this vulnerability. Siemens recommends restricting access to authorized and trusted personnel only. For further guidance, consult the Siemens General Security Recommendations and the operational guidelines for Industrial Security.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 3.0
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.