Vulnerabilities > CVE-2025-40580 - Stack-based Buffer Overflow vulnerability in Siemens Scalance Lpe9403 Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

siemens

CWE-121

NVD

Published: 2025-05-13

Updated: 2025-06-04

Summary

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Scalance Lpe9403 Firmware -	1
Hardware	Siemens Siemens Scalance Lpe9403 -	1

Common Weakness Enumeration (CWE)

CWE-121 - Stack-based Buffer Overflow

References

https://cert-portal.siemens.com/productcert/html/ssa-327438.html