Local Permission Exploit in SCALANCE LPE9403 by Siemens
CVE-2025-40572
6.8MEDIUM
What is CVE-2025-40572?
A local permission vulnerability has been discovered in the SCALANCE LPE9403 device by Siemens, allowing non-privileged local attackers to gain unauthorized access to sensitive information. This flaw arises from inadequate permission assignments to critical resources, which may expose data stored on the device, posing a significant security risk. Organizations utilizing this product should take immediate measures to mitigate potential exploitation.
Affected Version(s)
SCALANCE LPE9403 0
References
CVSS V4
Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved