OTPulse

Siemens SCALANCE LPE9403

Act Now | 9.9 | ICS-CERT ICSA-23-131-06 | May 9, 2023
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

SCALANCE LPE9403 industrial network switch (firmware versions prior to V2.1) is affected by multiple vulnerabilities including command injection (CWE-77), improper resource validation (CWE-378), path traversal (CWE-22), and buffer overflow (CWE-122). These flaws allow an authenticated attacker to compromise the confidentiality, integrity, and availability of the device. The switch is a critical component in industrial networks; compromise could disrupt communication between PLCs, RTUs, and other control devices.

What this means
What could happen
An attacker with network access and valid credentials could execute arbitrary commands on the SCALANCE LPE9403 switch, potentially disrupting network traffic to critical infrastructure like PLCs, RTUs, or HMIs that depend on it for communication.
Who's at risk
Water utilities and municipal electric utilities that use Siemens SCALANCE LPE9403 industrial network switches to interconnect PLCs, RTUs, HMIs, and other control devices. Any organization relying on this switch for critical infrastructure automation is affected if running firmware older than V2.1.
How it could be exploited
An attacker on the network with valid login credentials could exploit one of multiple command injection or path traversal flaws to execute arbitrary commands on the device. The attack requires authentication but runs with the privileges of the SCALANCE device, allowing modification of network configuration, traffic filtering, or even shutdown of the device.
Prerequisites
  • Network access to the SCALANCE LPE9403 management interface (typically port 80/443 or console)
  • Valid login credentials for the device (user account)
  • Device must be running firmware version prior to V2.1
  • Remotely exploitable
  • Requires valid credentials (moderate barrier)
  • Low attack complexity
  • Affects network availability and integrity
  • Impacts physical operations if device is taken offline
Exploitability
Moderate exploit probability (EPSS 1.0%)
Affected products (1)
Product | Affected Versions | Fix Status
SCALANCE LPE9403 | <V2.1 | 2.1
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the SCALANCE LPE9403 management interface to authorized engineering workstations only using firewall rules or ACLs
HARDENING: Disable remote management access to the device if not required for operations
HARDENING: Enforce strong, unique passwords for all device accounts; change any default credentials
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SCALANCE LPE9403 firmware to version 2.1 or later
Long-term hardening
HARDENING: Isolate the industrial network containing the SCALANCE switch from the corporate IT network using a demilitarized zone (DMZ) or air gap