PatchSiren cyber security CVE debrief
CVE-2025-40577 Siemens CVE debrief
CVE-2025-40577 is a Siemens SCALANCE LPE9403 issue in which incoming Profinet packets are not properly validated. According to the advisory, an attacker can trigger a crash of the dcpd process by sending a specially crafted packet. Siemens/CISA list no fix at publication time and recommend disabling the Profinet Discovery and Configuration Protocol (DCP) service where feasible.
- Vendor
- Siemens
- Product
- SCALANCE LPE9403 (6GK5998-3GS00-2AC2)
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-05-13
- Original CVE updated
- 2025-05-13
- Advisory published
- 2025-05-13
- Advisory updated
- 2025-05-13
Who should care
OT/ICS operators, plant engineers, and network defenders responsible for Siemens SCALANCE LPE9403 devices, especially environments using Profinet and DCP on trusted industrial networks.
Technical summary
The advisory states that affected devices fail to properly validate incoming Profinet packets. A crafted packet can cause a denial-of-service condition by crashing the dcpd process. The published CVSS vector is CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L, indicating low availability impact and attack feasibility from an adjacent network context. The advisory text describes the attacker as unauthenticated and able to send a malicious packet; however, the CVSS vector suggests proximity to the target network is expected.
Defensive priority
Medium. The impact is denial of service rather than code execution or data compromise, but the affected product is industrial and no vendor fix was available at publication, so mitigation planning should be prompt.
Recommended defensive actions
- Disable the Profinet Discovery and Configuration Protocol (DCP) service on affected SCALANCE LPE9403 devices if operationally possible.
- Restrict who can reach the affected device over the local industrial network segment; treat the attack surface as adjacent-network exposure.
- Monitor for dcpd crashes, unexpected service restarts, and Profinet packet anomalies on affected assets.
- Apply CISA/Siemens recommended ICS defense-in-depth controls to reduce the blast radius of service-disruption events.
- Track the Siemens advisory and CISA advisory for any later remediation updates, since the publication listed no fix available at that time.
Evidence notes
Source advisory ICSA-25-135-18 and Siemens CSAF reference the same issue on Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2). The advisory description says incoming Profinet packets are not properly validated and a crafted packet can crash the dcpd process. The remediation section states to disable the Profinet DCP service and notes that no fix is currently available. The published CVSS vector is CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.
Official resources
-
CVE-2025-40577 CVE record
CVE.org
-
CVE-2025-40577 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed on 2025-05-13 in Siemens/CISA advisory ICSA-25-135-18 for Siemens SCALANCE LPE9403.