CVE-2025-40574

Name of the Vulnerable Software and Affected Versions: SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions)

Description: A vulnerability has been identified in the affected devices, where they do not properly assign permissions to critical resources. This could allow a non-privileged local attacker to interact with the backupmanager service.

Recommendations: For SCALANCE LPE9403 (6GK5998-3GS00-2AC2), consider restricting access to the backupmanager service until a patch is available. As a temporary workaround, limit the interaction with critical resources to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.