CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27398
https://notcve.org/view.php?id=CVE-2025-27398
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27397
https://notcve.org/view.php?id=CVE-2025-27397
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files in the filesystem, if and only if the malicious path ends with 'log' . • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27396
https://notcve.org/view.php?id=CVE-2025-27396
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. This could allow an authenticated lowly-privileged remote attacker to escalate their privileges. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-273: Improper Check for Dropped Privileges •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27395
https://notcve.org/view.php?id=CVE-2025-27395
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27394
https://notcve.org/view.php?id=CVE-2025-27394
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27393
https://notcve.org/view.php?id=CVE-2025-27393
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27392
https://notcve.org/view.php?id=CVE-2025-27392
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27410
https://notcve.org/view.php?id=CVE-2023-27410
09 May 2023 — A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service. • https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf • CWE-122: Heap-based Buffer Overflow •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27409
https://notcve.org/view.php?id=CVE-2023-27409
09 May 2023 — A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`. • https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27408
https://notcve.org/view.php?id=CVE-2023-27408
09 May 2023 — A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex file is created with the permissions bits of `-rw-rw-rw-`. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interface on the affected device to interfere with the integrity of the mutex and the data it protects. • https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf • CWE-378: Creation of Temporary File With Insecure Permissions •