CVE-2025-27395

Name of the Vulnerable Software and Affected Versions SCALANCE LPE9403 versions prior to V4.0

Description A security issue has been identified where affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files.

Recommendations For versions prior to V4.0, update to version V4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SFTP functionality to minimize the risk of exploitation.