Siemens SCALANCE LPE9403

Monitor7.8ICS-CERT ICSA-25-135-18May 13, 2025

Attack VectorLocal

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

SCALANCE LPE9403 industrial network switches are affected by multiple vulnerabilities including privilege escalation (CWE-732, CWE-288), memory corruption (CWE-121, CWE-125), and command injection (CWE-78) flaws. These vulnerabilities compromise data confidentiality, integrity, and availability. A local attacker with low privilege access can exploit these flaws to gain elevated privileges, read sensitive data, modify configurations, or crash the device. Siemens is preparing fixes but has not yet released patched versions for all affected versions.

What this means

What could happen

An attacker with local access to the SCALANCE LPE9403 could exploit multiple vulnerabilities to read sensitive data, modify configurations, or crash the device, potentially disrupting network connectivity in your industrial network.

Who's at risk

Network infrastructure operators who use Siemens SCALANCE LPE9403 industrial network switches in water treatment plants, electric utilities, or manufacturing facilities should be aware that all versions of this device contain multiple local privilege escalation and memory corruption vulnerabilities. This affects anyone managing industrial network access points and device connectivity.

How it could be exploited

An attacker with local shell or console access to the device could exploit privilege escalation and memory corruption flaws to gain higher privileges and execute arbitrary code, leading to data exposure or denial of service. The attack requires local access—typically via an unsecured serial console, SSH, or Telnet connection.

Prerequisites

Local shell or console access to the SCALANCE LPE9403
Low privilege user account (PR:L in CVSS vector)
Physical proximity or remote shell access to management interface
No special configuration required

Low complexity exploitationAffects all versionsNo vendor fix currently availableAffects network availabilityRequires local access reduces immediate risk

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (1)

ProductAffected VersionsFix Status

SCALANCE LPE9403All versionsNo fix (EOL)

Remediation & Mitigation

0/6

Do now

0/3

WORKAROUNDRestrict network access to the SCALANCE LPE9403 management interfaces using firewall rules or access control lists

HARDENINGDisable remote management protocols (SSH, Telnet, HTTP) if not required for operations

HARDENINGImplement strong authentication on device console and remote management interfaces

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXMonitor Siemens security advisories for patch availability and test fixed versions in a lab environment before deployment

Mitigations - no patch available

0/2

SCALANCE LPE9403 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGFollow Siemens Operational Guidelines for Industrial Security to harden the overall network environment

HARDENINGSegregate the SCALANCE LPE9403 on a restricted management network segment separate from operational plant networks

CVEs (12)

CVE-2025-40572 CVE-2025-40573 CVE-2025-40574 CVE-2025-40575 CVE-2025-40576 CVE-2025-40577 CVE-2025-40578 CVE-2025-40579 CVE-2025-40580 CVE-2025-40581 CVE-2025-40582 CVE-2025-40583

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/b3ac3753-3acf-4a54-ae3f-5ddd71e5df9b