CVE-2025-27396
HIGHDescription
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. This could allow an authenticated lowly-privileged remote attacker to escalate their privileges.
Is your site exposed to CVE-2025-27396?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| siemens | scalance_lpe9403_firmware |
| siemens | scalance_lpe9403 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-27396? +
How severe is CVE-2025-27396? +
What products are affected by CVE-2025-27396? +
How do I check if I'm vulnerable to CVE-2025-27396? +
Related Vulnerabilities
A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may …
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content …
xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an …
In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic …
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in …
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this …