A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
2025-05-13T10:15:27.560
2025-07-08T11:15:28.417
Modified
CVSSv3.1: 4.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | siemens | scalance_lpe9403_firmware | - | Yes |
| Hardware | siemens | scalance_lpe9403 | - | No |