CVE-2025-27396

High

Published: 11 March 2025

Published

11 March 2025

Modified

22 August 2025

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0105 77.7th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-27396 is a privilege escalation vulnerability affecting Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) in all versions prior to V4.0. The flaw stems from the affected devices not properly limiting the elevation of privileges required to perform certain valid functionality, mapped to CWE-273. It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-03-11.

An authenticated remote attacker with low privileges can exploit this vulnerability over the network with low attack complexity and no user interaction required. Successful exploitation allows privilege escalation, enabling high impacts on confidentiality, integrity, and availability.

Siemens has published security advisory SSA-075201 at https://cert-portal.siemens.com/productcert/html/ssa-075201.html, which details mitigations for this issue.

Details

CWE(s): CWE-273

Affected Products

siemens

scalance lpe9403 firmware

≤ 4.0

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

The vulnerability is a remote authenticated privilege escalation flaw (CWE-273) allowing low-priv users to gain higher privileges on the device, directly enabling T1068 Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://cert-portal.siemens.com/productcert/html/ssa-075201.html
Vendor Advisory · productcert@siemens.com