Primary

Context

Siemens SCALANCE LPE9403 Incorrect Permission Assignment Vulnerability Allowing Interaction with Backup Manager Service

Vulnerability

A vulnerability exists in all versions of the Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) due to improper permission assignments to critical resources. This flaw enables a non-privileged local attacker to interact with the backupmanager service on the device.

Impact

Exploitation of this vulnerability could lead to unauthorized interaction with the backupmanager service, potentially allowing manipulation of backup processes or data.

Remediation

Siemens has not yet released a fix for this vulnerability. However, it is recommended to restrict access to authorized and trusted personnel only.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

0.6

exploitability

3.5

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

0.6

exploitability

3.5

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Siemens SCALANCE LPE9403 Incorrect Permission Assignment Vulnerability Allowing Interaction with Backup Manager Service

Vulnerability

Impact

Remediation

Affected Products

Siemens SCALANCE LPE9403

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating