Security Advisory

CVE-2025-40578

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-13 09:39:04
Last updated 2025-05-13 13:17:53
Assigner siemens
State PUBLISHED

Description

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process.