CVE-2025-40575

MEDIUM Year: 2025
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-457
View all →

Vulnerability Description

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Related Vulnerabilities

CVE-2021-21966

MEDIUM
CVSS:5.3(Medium)

An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an ...

CWE-4572021

CVE-2023-31192

MEDIUM
CVSS:5.3(Medium)

An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An...

CWE-4572023

CVE-2019-1010317

MEDIUM
CVSS:5.5(Medium)

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). ...

CWE-4572019

CVE-2019-1010319

MEDIUM
CVSS:5.5(Medium)

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:21...

CWE-4572019

CVE-2021-44003

MEDIUM
CVSS:5.5(Medium)

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to use of uninitialized memory while par...

CWE-4572021

CVE-2022-42432

MEDIUM
CVSS:5.1(Medium)

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged ...

CWE-4572022