Input Sanitization Flaw in SCALANCE LPE9403 by Siemens
CVE-2025-27392
8.6HIGH
Summary
A vulnerability exists in the SCALANCE LPE9403 device line, specifically in versions prior to V4.0, which fails to adequately sanitize user input during the creation of VXLAN configurations. This lack of proper input validation may enable an authenticated attacker with high privileges to run arbitrary code on the device, thereby compromising its integrity and functionality. Securing these devices against this vulnerability is essential to prevent unauthorized access and potential malicious activities.
Affected Version(s)
SCALANCE LPE9403 0
References
CVSS V4
Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved