How severe is CVE-2025-40575?

CVE-2025-40575 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2025-40575

Name: scalance_lpe9403
Author: siemens

4.3MEDIUM

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote

Publicado: 5/13/2025Actualizado: 7/8/2025

Descripción

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Análisis IAImpulsado por IA

Productos Afectados

siemensscalance_lpe9403_firmware

siemensscalance_lpe9403

Referencias

https://cert-portal.siemens.com/productcert/html/ssa-327438.html
Vendor Advisory