Siemens Scalance_lpe9403_firmware
27 CVEs affecting Siemens Scalance_lpe9403_firmware. Latest disclosed: 2025-05-13. Critical: 1, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-27407 | Critical | 9.9 | 2023-05-09 | A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user inpu… |
| CVE-2025-27396 | High | 8.8 | 2025-03-11 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of pri… |
| CVE-2025-40582 | High | 7.8 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices… |
| CVE-2025-40574 | High | 7.8 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to… |
| CVE-2022-0847 | High | 7.8 | 2022-03-10 | A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe funct… |
| CVE-2021-4034 | High | 7.8 | 2022-01-28 | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users t… |
| CVE-2025-27395 | High | 7.2 | 2025-03-11 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the scope of files a… |
| CVE-2025-27394 | High | 7.2 | 2025-03-11 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when c… |
| CVE-2025-27393 | High | 7.2 | 2025-03-11 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when c… |
| CVE-2025-27392 | High | 7.2 | 2025-03-11 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when c… |
| CVE-2025-40581 | High | 7.1 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices… |
| CVE-2025-40580 | Medium | 6.7 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer… |
| CVE-2025-40579 | Medium | 6.7 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer… |
| CVE-2021-36221 | Medium | 5.9 | 2021-08-08 | Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. |
| CVE-2021-3449 | Medium | 5.9 | 2021-03-25 | An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the… |
| CVE-2025-40572 | Medium | 5.5 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to… |
| CVE-2025-40583 | Medium | 4.4 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices… |
| CVE-2025-40573 | Medium | 4.4 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to path traversal attac… |
| CVE-2025-40578 | Medium | 4.3 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet… |
| CVE-2025-40577 | Medium | 4.3 | 2025-05-13 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Prof… |