CVE-2025-27397

Medium CVSS: 5.1

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit user controlled paths to which logs are written and from where they are read.
This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files in the filesystem, if and only if the malicious path ends with 'log' .

Vendor

Siemens

Product

Scalance Lpe9403 Firmware

CWE

CWE-22

Yayın Tarihi

2025-03-11 10:15:19

Güncelleme

2025-08-22 17:58:09

Source Identifier

productcert@siemens.com

KEV Date Added

Kategoriler

CWE-22 Scalance Lpe9403 Firmware MEDIUM Siemens 2025

Referanslar

https://cert-portal.siemens.com/productcert/html/ssa-075201.html

Benzer Kayıtlar

Medium

CVE-2026-27661

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks co…

Medium

CVE-2026-25571

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK client component doe…

Medium

CVE-2026-25572

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component doe…

High

CVE-2026-25573

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell co…

Medium

CVE-2026-25605

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application performs file d…

High

CVE-2026-25569

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). An out-of-bounds write vulnerability exi…