Skip to main content

Simcenter Femap CVE-2025-40745

| EUVDEUVD-2025-209431 MEDIUM
Improper Certificate Validation (CWE-295)
2026-04-14 siemens GHSA-vv4w-99g8-93pp
6.3
CVSS 4.0 · Vendor: siemens
Share

Severity by source

Vendor (siemens) PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (siemens) · only source for this CVE.

CVSS VectorVendor: siemens

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
Severity Changed
Apr 14, 2026 - 09:22 NVD
LOW MEDIUM
CVSS changed
Apr 14, 2026 - 09:22 NVD
3.7 (LOW) 6.3 (MEDIUM)
Analysis Generated
Apr 14, 2026 - 09:11 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 09:00 euvd
EUVD-2025-209431
Analysis Generated
Apr 14, 2026 - 09:00 vuln.today
CVE Published
Apr 14, 2026 - 08:40 nvd
MEDIUM 6.3

DescriptionCVE.org

A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulation (All versions < V2504.0008). Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.

AnalysisAI

Improper TLS certificate validation in Siemens Software Center, Simcenter 3D, Simcenter Femap, Simcenter STAR-CCM+, Solid Edge SE2025/SE2026, and Tecnomatix Plant Simulation allows unauthenticated remote attackers to perform man-in-the-middle attacks against the Analytics Service endpoint. An attacker positioned on the network path can intercept and decrypt communications, potentially disclosing sensitive information. CVSS 3.7 reflects low-severity impact; no public exploit or active exploitation confirmed, but the low attack complexity and network vector indicate practical exploitability in targeted enterprise environments.

Technical ContextAI

The vulnerability stems from inadequate X.509 certificate validation during TLS handshakes with the Analytics Service endpoint (CWE-295: Improper Certificate Validation). Affected Siemens applications fail to properly verify the authenticity of the server's certificate, enabling a network-adjacent attacker to present a forged certificate and establish a trusted-appearing connection. The Analytics Service is a backend component used for telemetry and product analytics across multiple Siemens engineering suites (CAD, simulation, manufacturing software). Without proper certificate chain and hostname verification, these applications accept connections from attackers controlling network infrastructure (routers, proxies, DNS) or positioned via ARP spoofing, allowing passive eavesdropping on encrypted channels that should be protected.

RemediationAI

Upgrade to the following patched versions: Siemens Software Center V3.5.8.2 or later, Simcenter 3D V2506.6000 or later, Simcenter Femap V2506.0002 or later, Simcenter STAR-CCM+ V2602 or later, Solid Edge SE2025 V225.0 Update 13 or later, Solid Edge SE2026 V226.0 Update 04 or later, and Tecnomatix Plant Simulation V2504.0008 or later. As an interim mitigation, isolate affected applications on networks with strict egress controls and monitor outbound connections to Analytics Service endpoints. Organizations should verify that network security controls (firewalls, proxies, or VPNs) enforce certificate pinning or trusted CA validation before permitting connections to Siemens backend services. Consult the Siemens product security advisory at https://cert-portal.siemens.com/productcert/html/ssa-981622.html for product-specific deployment guidance.

CVE-2025-12659 HIGH
7.3 May 12

The affected applications contains a memory corruption vulnerability while parsing specially crafted IPT files. This cou

CVE-2026-23715 HIGH
7.8 Feb 10

Arbitrary code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds write flaw

CVE-2026-23720 HIGH
7.8 Feb 10

Code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds read flaw triggered

CVE-2026-23719 HIGH
7.8 Feb 10

Heap-based buffer overflow in Simcenter Femap and Nastran versions prior to V2512 allows local attackers to achieve arbi

CVE-2026-23718 HIGH
7.8 Feb 10

Out-of-bounds read in Simcenter Femap and Nastran versions prior to V2512 during NDB file parsing enables local code exe

CVE-2026-23717 HIGH
7.8 Feb 10

Simcenter Femap and Nastran versions prior to 2512 are vulnerable to out-of-bounds memory reads when processing maliciou

CVE-2026-23716 HIGH
7.8 Feb 10

Arbitrary code execution in Simcenter Femap and Nastran versions prior to 2512 results from an out-of-bounds read when p

CVE-2025-25175 HIGH
7.3 Mar 13

A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All ver

CVE-2025-40764 HIGH
7.3 Aug 12

A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All ver

CVE-2025-40762 HIGH
7.3 Aug 12

A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All ver

Share

CVE-2025-40745 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy