CVE-2025-40581

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices are vulnerable to an authentication bypass. This could allow a non-privileged local attacker to bypass the authentication of the SINEMA Remote Connect Edge Client, and to read and modify the configuration parameters.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:scalance_lpe9403_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*

History

04 Jun 2025, 16:33

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/html/ssa-327438.html - () https://cert-portal.siemens.com/productcert/html/ssa-327438.html - Vendor Advisory
CWE NVD-CWE-noinfo
First Time Siemens
Siemens scalance Lpe9403
Siemens scalance Lpe9403 Firmware
Summary
  • (es) Se ha identificado una vulnerabilidad en SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (todas las versiones con SINEMA Remote Connect Edge Client instalado). Los dispositivos afectados son vulnerables a una omisión de autenticación. Esto podría permitir que un atacante local sin privilegios omita la autenticación de SINEMA Remote Connect Edge Client y lea y modifique los parámetros de configuración.
CPE cpe:2.3:o:siemens:scalance_lpe9403_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*

13 May 2025, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-13 10:15

Updated : 2025-06-04 16:33


NVD link : CVE-2025-40581

Mitre link : CVE-2025-40581

CVE.ORG link : CVE-2025-40581


JSON object : View

Products Affected

siemens

  • scalance_lpe9403
  • scalance_lpe9403_firmware
CWE
CWE-288

Authentication Bypass Using an Alternate Path or Channel

NVD-CWE-noinfo