Multiple Vulnerabilities in SCALANCE LPE9403 Before V4.0

Plan Patch8.8SSA-075201Mar 11, 2025

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

SCALANCE LPE9403 is affected by multiple vulnerabilities (CWE-78 command injection, CWE-22 path traversal, CWE-273 authentication) that could allow an attacker with valid credentials to impact confidentiality, integrity, and availability of the device.

What this means

What could happen

An attacker with engineering credentials could execute arbitrary commands on the LPE9403, potentially modifying network configurations, disrupting communication between industrial devices and control systems, or accessing sensitive process data.

Who's at risk

Water utilities and municipal electric utilities using Siemens SCALANCE LPE9403 industrial network switches (versions prior to 4.0) as communication bridges between control networks and engineering workstations. This affects any site running legacy LPE9403 devices that authenticate engineering staff for remote access or management.

How it could be exploited

An attacker with valid engineering workstation credentials connects to the LPE9403 management interface (port 443 HTTPS or 80 HTTP) and injects OS commands via input fields that lack proper sanitization, or traverses the file system to access configuration files or execute unauthorized operations.

Prerequisites

Valid engineering workstation credentials (login required)
Network access to the LPE9403 management interface (HTTP/HTTPS)
Connection to the industrial network where the LPE9403 is deployed

Remotely exploitableAuthentication required (lowers but does not eliminate risk)Affects core network device in ICS environmentHigh CVSS score (8.8)Multiple vulnerability types in single device

Exploitability

Low exploit probability (EPSS 0.8%)

Affected products (1)

ProductAffected VersionsFix Status

SCALANCE LPE9403< V4.04.0

Remediation & Mitigation

0/4

Do now

0/2

HARDENINGRestrict management interface access (HTTP/HTTPS) to authorized engineering workstations using firewall rules or network segmentation

HARDENINGEnforce strong, unique credentials for engineering workstation accounts with access to the LPE9403

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SCALANCE LPE9403 to firmware version 4.0 or later

Long-term hardening

0/1

HARDENINGMonitor and log all management interface connections and configuration changes to the LPE9403

CVEs (7)

CVE-2025-27392 CVE-2025-27393 CVE-2025-27394 CVE-2025-27395 CVE-2025-27396 CVE-2025-27397 CVE-2025-27398

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/8396aa06-e41b-4b5a-b1c6-5852d122c3d9