Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512 (All versions). The affected application does not properly encode or filter user-supplied data. This could allow an attacker to inject malicious code that can be executed by other users when they visit the affected page.
AnalysisAI
Stored cross-site scripting (XSS) in Siemens Teamcenter allows authenticated attackers with low privileges to inject malicious JavaScript that executes in other users' browser sessions, enabling session hijacking, credential theft, or unauthorized actions within the product lifecycle management platform. Affects Teamcenter versions V2312 through V2512 with vendor patches released for all branches. CVSS v4.0 scores 8.5 (High) due to network attack vector with low complexity, though exploitation requires user interaction and authenticated access. No public exploit code or CISA KEV listing identified at time of analysis.
Technical ContextAI
Teamcenter is Siemens' enterprise product lifecycle management (PLM) platform used for engineering data management, product configuration, and collaboration across manufacturing organizations. This vulnerability stems from CWE-79 (Cross-site Scripting) where the application fails to properly sanitize, encode, or filter user-supplied input before rendering it in web pages. The CVSS v4.0 vector (AV:N/AC:L/PR:L/UI:P) indicates network-accessible exploitation with low attack complexity, requiring low-privileged authentication and passive user interaction. The High ratings for Vulnerable System Confidentiality (VC:H) and Integrity (VI:H) with no impact on Availability (VA:N) and no Subsequent System impact (SC:N/SI:N/SA:N) are characteristic of stored XSS attacks where the injected payload persists and executes in victim contexts but doesn't directly compromise system availability or pivot to adjacent systems. Affected products span five major Teamcenter release branches from V2312 through V2512, all identified via CPE strings cpe:2.3:a:siemens:teamcenter_v[VERSION]:*:*:*:*:*:*:*:*.
RemediationAI
Apply vendor-released security updates immediately: upgrade Teamcenter V2312 to version V2312.0014 or later, V2406 to V2406.0012 or later, V2412 to V2412.0009 or later, and V2506 to V2506.0005 or later. For Teamcenter V2512, consult Siemens ProductCERT advisory SSA-827383 for the specific patched version number. Download patches and complete upgrade instructions from https://cert-portal.siemens.com/productcert/html/ssa-827383.html or through authorized Siemens support channels. If immediate patching is not feasible, implement compensating controls: deploy web application firewall (WAF) rules to detect and block common XSS patterns in user input fields (note: sophisticated payloads may evade signature-based detection, reducing effectiveness to approximately 70-80%); enforce Content Security Policy (CSP) headers with strict script-src directives to prevent inline JavaScript execution (may break legitimate Teamcenter functionality-test thoroughly in staging environment); restrict authenticated user permissions to minimum necessary for job functions to limit potential attacker privilege levels; educate users to recognize and report suspicious content or unexpected script behavior. Monitor Teamcenter access logs for unusual patterns in user-generated content fields. These workarounds reduce but do not eliminate risk-patching remains the definitive solution.
More in Teamcenter V2312
View allSame weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29430
GHSA-4pjx-495c-f5cg