Siemens SCALANCE LPE9403 Improper Parameter Sanitization Vulnerability Allowing Root Command Execution

Vulnerability

A vulnerability exists in all versions of Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) that contain the SINEMA Remote Connect Edge Client. Affected devices fail to properly sanitize configuration parameters, which allows a non-privileged local attacker to execute commands as root on the device.

Impact

Exploitation of this vulnerability allows for unauthorized execution of root commands on the affected device.

Remediation

Siemens recommends restricting access to authorized and trusted personnel only and using only trusted SINEMA Remote Connect Servers. Currently, no fix is available for this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 7.5
exploitability: 7.0
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.