ICSA-25-135-18 · Published 2025-05-13 · View on CISA ICS-CERT ↗

Siemens SCALANCE LPE9403

CVSS 7.8 HIGH

CVEs (12)

CVE-2025-40572 CVE-2025-40573 CVE-2025-40574 CVE-2025-40575 CVE-2025-40576 CVE-2025-40577 CVE-2025-40578 CVE-2025-40579 CVE-2025-40580 CVE-2025-40581 CVE-2025-40582 CVE-2025-40583

Remediations

Restrict access to authorized and trusted personal only
Currently no fix is available
Disable the Profinet Discovery and Configuration Protocol (DCP) service
Only use trusted SINEMA Remote Connect Servers

Affected Vendors

Siemens

Affected Products (2)

Siemens · SCALANCE LPE9403 (6GK5998-3GS00-2AC2) vers:all/*

Affected Sectors

Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more