Primary

Context

Siemens SCALANCE LPE9403 Stack-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution or Denial-of-Service

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2), affecting all versions. This vulnerability allows a non-privileged local attacker to execute arbitrary code on the device or cause a denial-of-service condition.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected device or cause a denial-of-service condition.

Remediation

Currently, no fix is available for this vulnerability. Siemens recommends restricting access to authorized and trusted personnel only. As a general security measure, it is advised to protect network access to devices with appropriate mechanisms and to follow Siemens' operational guidelines for Industrial Security.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

3.5

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

3.5

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Siemens SCALANCE LPE9403 Stack-Based Buffer Overflow Vulnerability Allowing Arbitrary Code Execution or Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Siemens SCALANCE LPE9403

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating