CVE-2025-27396

Summary

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. This could allow an authenticated lowly-privileged remote attacker to escalate their privileges.

Affected Software

VendorProductVersion RangeStatus
SiemensSCALANCE LPE94030 < V4.0affected

Weaknesses

  • CWE-273: CWE-273: Improper Check for Dropped Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References