Sign-up

ID

VAR-202505-1601


CVE

CVE-2025-40576


TITLE

Siemens'  SCALANCE LPE9403  in the firmware  NULL  Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2025-006313

DESCRIPTION

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process. Siemens' SCALANCE LPE9403 The firmware has NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. The Siemens SCALANCE LPE9403 is a local processing engine designed by Siemens for industrial field data processing. It is used to capture, collect, and pre-process industrial field data

Trust: 2.16

sources: NVD: CVE-2025-40576 // JVNDB: JVNDB-2025-006313 // CNVD: CNVD-2025-17500

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-17500

AFFECTED PRODUCTS

vendor:siemensmodel:scalance lpe9403scope:eqversion: -

Trust: 1.0

vendor:シーメンスmodel:scalance lpe9403scope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:scalance lpe9403scope:eqversion:scalance lpe9403 firmware

Trust: 0.8

vendor:シーメンスmodel:scalance lpe9403scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance lpe9403 hf0scope:ltversion:v4.0

Trust: 0.6

sources: CNVD: CNVD-2025-17500 // JVNDB: JVNDB-2025-006313 // NVD: CVE-2025-40576

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2025-40576
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2025-006313
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-17500
value: LOW

Trust: 0.6

CNVD: CNVD-2025-17500
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2025-40576
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-006313
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-17500 // JVNDB: JVNDB-2025-006313 // NVD: CVE-2025-40576

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.0

problemtype:NULL Pointer dereference (CWE-476) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-006313 // NVD: CVE-2025-40576

PATCH

title:Patch for Siemens SCALANCE LPE9403 Null Pointer Dereference Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/715151

Trust: 0.6

sources: CNVD: CNVD-2025-17500

EXTERNAL IDS

db:NVDid:CVE-2025-40576

Trust: 3.2

db:SIEMENSid:SSA-327438

Trust: 2.4

db:ICS CERTid:ICSA-25-135-18

Trust: 0.8

db:JVNid:JVNVU92528757

Trust: 0.8

db:JVNDBid:JVNDB-2025-006313

Trust: 0.8

db:CNVDid:CNVD-2025-17500

Trust: 0.6

sources: CNVD: CNVD-2025-17500 // JVNDB: JVNDB-2025-006313 // NVD: CVE-2025-40576

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-327438.html

Trust: 2.4

url:https://jvn.jp/vu/jvnvu92528757/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-40576

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18

Trust: 0.8

sources: CNVD: CNVD-2025-17500 // JVNDB: JVNDB-2025-006313 // NVD: CVE-2025-40576

SOURCES

db:CNVDid:CNVD-2025-17500
db:JVNDBid:JVNDB-2025-006313
db:NVDid:CVE-2025-40576

LAST UPDATE DATE

2025-08-06T20:00:58.939000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-17500date:2025-08-05T00:00:00
db:JVNDBid:JVNDB-2025-006313date:2025-06-05T05:58:00
db:NVDid:CVE-2025-40576date:2025-07-08T11:15:28.267

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-17500date:2025-08-05T00:00:00
db:JVNDBid:JVNDB-2025-006313date:2025-06-05T00:00:00
db:NVDid:CVE-2025-40576date:2025-05-13T10:15:27.373