A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem.
2025-03-11T10:15:19.247
2025-08-22T17:51:58.517
Analyzed
CVSSv3.1: 2.7 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | siemens | scalance_lpe9403_firmware | < 4.0 | Yes |
| Hardware | siemens | scalance_lpe9403 | - | No |