VDB
CVE-2023-27409
CVE-2023-27409
PUBLISHED
CVSS 3.299999952316284 LOW
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`.
EPSS 0.05% · 15.3th percentile
Risk Scores
CVSS 3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.05%
15.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SCALANCE LPE9403 | * |
| siemens | scalance_lpe9403_firmware | 0, 0 |
Exploit Intelligence
Timeline
- May 9, 2023 CVE Published
- May 10, 2023 EPSS Score
- Jun 16, 2023 EPSS Score
- Jul 23, 2023 EPSS Score
- Aug 28, 2023 EPSS Score
- Oct 4, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 17, 2023 EPSS Score
- Jan 22, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Apr 5, 2024 EPSS Score
- May 12, 2024 EPSS Score
References
- https://cert-portal.siemens.com/productcert/html/ssa-516174.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-789345.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-555292.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-892048.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-325383.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-932528.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-473245.html advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-27409 advisory