How severe is CVE-2025-40575?

CVE-2025-40575 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2025-40575

Name: scalance_lpe9403
Author: siemens

4.3MEDIUM

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote

公開日: 5/13/2025更新日: 7/8/2025

説明

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

AI分析AIによる分析

影響を受ける製品

siemensscalance_lpe9403_firmware

siemensscalance_lpe9403

参照

https://cert-portal.siemens.com/productcert/html/ssa-327438.html
Vendor Advisory