Siemens Scalance Lpe9403 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Siemens Scalance Lpe9403 Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in Siemens Scalance Lpe9403 Firmware. Last year, in 2025 Scalance Lpe9403 Firmware had 12 security vulnerabilities published. Right now, Scalance Lpe9403 Firmware is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 12 | 5.90 |
It may take a day or so for new Scalance Lpe9403 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Siemens Scalance Lpe9403 Firmware Security Vulnerabilities
SCALANCE LPE9403 SINEMA RC Edge Client Cleartext Data Leak
CVE-2025-40583
4.4 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do transmit sensitive information in cleartext. This could allow a privileged local attacker to retrieve this sensitive information.
Cleartext Transmission of Sensitive Information
SCALANCE LPE9403 SINEMA Remote Client LPE via Unsanitized Config
CVE-2025-40582
7.8 - High
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do not properly sanitize configuration parameters. This could allow a non-privileged local attacker to execute root commands on the device.
Shell injection
SCALANCE LPE9403 <V4.0 HF0 Profinet Crash (RCE)
CVE-2025-40575
5.3 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
Use of Uninitialized Variable
SCALANCE LPE9403 Path Traversal (All <V4.0 HF0) - Local Priv Escalation
CVE-2025-40573
4.4 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder.
Directory traversal
SCALANCE LPE9403 SINEMA Remote Connect Edge Client Auth Bypass
CVE-2025-40581
7.1 - High
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices are vulnerable to an authentication bypass. This could allow a non-privileged local attacker to bypass the authentication of the SINEMA Remote Connect Edge Client, and to read and modify the configuration parameters.
Authentication Bypass Using an Alternate Path or Channel
SCALANCE LPE9403 V<4.0 HF0: Stack-Based Buffer Overflow Exploit
CVE-2025-40580
7.8 - High
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.
Memory Corruption
SCALANCE LPE9403 < V4.0 HF0 Stack Buffer Overflow
CVE-2025-40579
7.8 - High
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.
Memory Corruption
SCALANCE LPE9403 DCPD Crash via Rapid Profinet Packets
CVE-2025-40578
4.3 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process.
Out-of-bounds Read
Unvalidated Profinet Packets Crash dcpd on SCALANCE LPE9403 (pre V4.0 HF0)
CVE-2025-40577
4.3 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
Out-of-bounds Read
SCALANCE LPE9403 (<V4.0 HF0) Profinet Packet Validation Failure Crash
CVE-2025-40576
4.3 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
NULL Pointer Dereference
SCALANCE LPE9403 BackupManager Local Priv Esc <V4.0 HF0
CVE-2025-40574
7.8 - High
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to critical ressources. This could allow a non-privileged local attacker to interact with the backupmanager service.
Incorrect Permission Assignment for Critical Resource
SCALANCE LPE9403 (<V4.0) Local Priv Escalation via Improper Permissions
CVE-2025-40572
5.5 - Medium
- May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to critical ressources. This could allow a non-privileged local attacker to access sensitive information stored on the device.
Incorrect Permission Assignment for Critical Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Siemens Scalance Lpe9403 Firmware or by Siemens? Click the Watch button to subscribe.
