SSA-075201 — Vulnetix

SSA-075201 PUBLISHED CVSS 7.199999809265137 HIGH

Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
Siemens	SCALANCE LPE9403 (6GK5998-3GS00-2AC2)

Timeline

Mar 11, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/csaf/ssa-075201.json advisory
https://cert-portal.siemens.com/productcert/html/ssa-075201.html advisory
https://support.industry.siemens.com/cs/ww/en/view/109976925/ patch

Open in Interactive Console →