CVE-2025-27394

Name of the Vulnerable Software and Affected Versions SCALANCE LPE9403 versions prior to V4.0

Description A issue has been identified where affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Recommendations For versions prior to V4.0, update to version V4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SNMP user creation functionality until a patch is available. Avoid using the affected devices for creating new SNMP users until the issue is resolved.