PatchSiren cyber security CVE debrief
CVE-2025-40579 Siemens CVE debrief
CVE-2025-40579 affects Siemens SCALANCE LPE9403 devices and is described as a stack-based buffer overflow. According to the supplied advisory data, a non-privileged local attacker could potentially execute arbitrary code on the device or trigger a denial of service. The advisory also states that no fix is currently available, so the immediate defense is to restrict access to authorized and trusted personnel and apply compensating controls.
- Vendor: Siemens
- Product: SCALANCE LPE9403 (6GK5998-3GS00-2AC2)
- CVSS: MEDIUM 6.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-05-13
- Original CVE updated: 2025-05-13
- Advisory published: 2025-05-13
- Advisory updated: 2025-05-13
Who should care
Organizations operating Siemens SCALANCE LPE9403 devices, especially OT/ICS teams, plant operators, infrastructure owners, and administrators responsible for local access control and device hardening.
Technical summary
The supplied CISA CSAF advisory and Siemens reference identify a stack-based buffer overflow in Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2). The CVSS vector provided is CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H, indicating a local attack path with low privileges and user interaction required, but with high impact if successful. The stated outcomes are arbitrary code execution on the device or denial of service. The remediation data says no fix is currently available, and mitigation is to restrict access to authorized and trusted personnel only.
Defensive priority
Elevated, especially in environments where local access to the device cannot be tightly controlled. Priority is increased by the lack of an available fix and the potential for high-impact compromise of device confidentiality, integrity, and availability.
Recommended defensive actions
- Inventory deployments of Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) and confirm exposure to local users or maintenance access paths.
- Restrict device access to authorized and trusted personnel only, as stated in the supplied remediation guidance.
- Apply compensating controls from Siemens and CISA industrial control system best-practice guidance to reduce local attack opportunities.
- Review local access, maintenance workflows, and administrative permissions for unnecessary access to affected devices.
- Monitor for unauthorized local activity or unexpected device behavior that could indicate exploitation or instability.
- Track the Siemens advisory for future remediation updates, since the supplied advisory states that no fix is currently available.
Evidence notes
All substantive claims here are drawn from the supplied CISA CSAF source item and its referenced Siemens advisory: the affected product is Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2), the flaw is a stack-based buffer overflow, the impact includes arbitrary code execution or denial of service, the attacker is described as non-privileged and local, and the remediation states that no fix is currently available. Timing reflects the CVE publication date provided in the input (2025-05-13).
Official resources
- CVE-2025-40579 CVE record (CVE.org)
- CVE-2025-40579 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed on 2025-05-13 via CISA CSAF ICSA-25-135-18 and the corresponding Siemens advisory references supplied in the corpus. The supplied enrichment data does not mark this CVE as KEV.