CVE-2025-27392

Name of the Vulnerable Software and Affected Versions SCALANCE LPE9403 versions prior to V4.0

Description A vulnerability has been identified where affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Recommendations For versions prior to V4.0, update to version V4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the device and limiting the creation of new VXLAN configurations to minimize the risk of exploitation.