Vulnerabilities > CVE-2023-27409 - Unspecified vulnerability in Siemens Scalance Lpe9403 Firmware 2.0

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

siemens

NVD

Published: 2023-05-09

Updated: 2024-11-21

Summary

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Scalance Lpe9403 Firmware - Siemens Scalance Lpe9403 Firmware 2.0	2
Hardware	Siemens Siemens Scalance Lpe9403 -	1

References

https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf