Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cq6m-j4vh-qx8f

Опубликовано: 13 мая 2025
Источник: github
Github: Не прошло ревью
CVSS4: 5.3
CVSS3: 4.3

Описание

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Ссылки

EPSS

Процентиль: 22%
0.00072
Низкий

5.3 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

CVE-2025-40577

Дефекты

CWE-125

Связанные уязвимости

nvd логотип

CVE-2025-40577

CVSS3: 4.3
nvd
9 месяцев назад

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

fstec логотип

BDU:2025-06088

CVSS3: 4.3
fstec
9 месяцев назад

Уязвимость службы dcpd микропрограммного обеспечения промышленных коммутаторов Siemens Scalance LPE9403, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 22%
0.00072
Низкий

5.3 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

CVE-2025-40577

Дефекты

CWE-125