Siemens SCALANCE LPE9403

Plan PatchCVSS 8.8ICS-CERT ICSA-25-072-06Mar 11, 2025

Siemens

Attack path

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

The SCALANCE LPE9403 managed industrial network switch (firmware versions below 4.0) contains multiple vulnerabilities in command handling (CWE-78), path traversal (CWE-22), and credential validation (CWE-273) that allow an authenticated attacker to execute arbitrary commands, access restricted files, or disrupt network communications. The vulnerabilities affect confidentiality, integrity, and availability of the switch and connected devices.

What this means

What could happen

An attacker with authenticated access to the SCALANCE LPE9403 network switch could execute arbitrary commands, read sensitive configuration data, or disrupt communications to critical infrastructure devices connected to the switch, potentially halting automated control and monitoring functions.

Who's at risk

Water and electric utilities, municipal infrastructure facilities, and any organization operating Siemens SCALANCE LPE9403 managed industrial network switches in control system environments. This switch is typically deployed in the field to segment and protect PLC/RTU networks from untrusted networks.

How it could be exploited

An attacker must first reach the switch over the network and authenticate with valid credentials. Once authenticated, command injection (CWE-78) or path traversal (CWE-22) flaws allow the attacker to run arbitrary code on the switch or access restricted files, enabling further compromise of the network segment.

Prerequisites

Network access to the SCALANCE LPE9403 (management interface, likely port 80/443 or SSH)
Valid authentication credentials to access the switch management interface
SCALANCE LPE9403 firmware version below 4.0

remotely exploitablerequires valid credentialsaffects network infrastructure in critical systemshigh CVSS score (8.8)vulnerability allows code execution and data access

Exploitability

Some exploitation risk — EPSS score 3.1%

Affected products (1)

ProductAffected VersionsFix Status

SCALANCE LPE9403<V4.04.0

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDRestrict network access to the SCALANCE LPE9403 management interface (HTTP/HTTPS, SSH) to authorized administrative workstations only using firewall rules

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SCALANCE LPE9403 firmware to version 4.0 or later

Long-term hardening

0/2

HARDENINGIsolate the SCALANCE LPE9403 and connected control devices from the business network using network segmentation (separate VLAN or DMZ)

HARDENINGDisable or restrict remote access to the switch unless required; if remote access is necessary, use VPN with strong authentication

CVEs (7)

CVE-2025-27392 CVE-2025-27393 CVE-2025-27394 CVE-2025-27395 CVE-2025-27396 CVE-2025-27397 CVE-2025-27398

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e1f8892c-0eca-497a-961d-8effc488a39f

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.