Local Privilege Escalation Vulnerability in SCALANCE LPE9403 by Siemens
CVE-2025-40583

6.7MEDIUM

Key Information:

Vendor: Siemens
Status: Scalance Lpe9403
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-40583?

A vulnerability has been discovered in the SCALANCE LPE9403 model produced by Siemens, specifically impacting all versions with the SINEMA Remote Connect Edge Client installed. The flaw enables sensitive information to be transmitted in cleartext, potentially exposing this data to local attackers with elevated privileges. This security issue highlights the importance of implementing robust security measures and ensuring that sensitive communications are adequately protected.

Affected Version(s)

SCALANCE LPE9403 0

References

https://cert-portal.siemens.com/productcert/html/ssa-3274...

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Apr 16, 2025