Severity by source
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (siemens) · only source for this CVE.
CVSS VectorVendor: siemens
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
AnalysisAI
Uninitialized pointer access in Siemens Solid Edge SE2026 enables arbitrary code execution when processing malicious PAR files. Attackers must deliver a crafted PAR file and convince users to open it (CVSS:4.0 AV:L/UI:P), achieving full compromise of the victim's workstation with high confidentiality, integrity, and availability impact. No active exploitation confirmed at time of analysis, though the local attack vector and user interaction requirement limit automated mass exploitation. EPSS data not available for risk calibration.
Technical ContextAI
Solid Edge is Siemens' CAD software for mechanical design, supporting multiple 3D file formats including Parasolid (PAR) files. This vulnerability (CWE-824: Access of Uninitialized Pointer) occurs during PAR file parsing when the application dereferences memory pointers before proper initialization. In memory corruption scenarios, uninitialized pointers may contain arbitrary memory addresses from prior operations, enabling attackers to control program execution flow by crafting PAR files that manipulate parser state. The affected CPE (cpe:2.3:a:siemens:solid_edge_se2026:*:*:*:*:*:*:*:*) identifies all versions prior to V226.0 Update 5 as vulnerable, indicating the parser logic flaw exists across the SE2026 product line until the recent patch.
RemediationAI
Upgrade Siemens Solid Edge SE2026 to version V226.0 Update 5 or later, as confirmed by Siemens Product CERT advisory SSA-921111 (https://cert-portal.siemens.com/productcert/html/ssa-921111.html). Organizations unable to immediately patch should implement defense-in-depth controls: restrict PAR file sources to trusted design partners with verified file integrity (cryptographic signatures or secure transfer channels); deploy application whitelisting to prevent unauthorized executables launched by exploit payloads (reduces post-exploitation impact but does not prevent initial memory corruption); enable Enhanced Mitigation Experience Toolkit (EMET) or Windows Defender Exploit Guard with arbitrary code guard and export address filtering on endpoints running Solid Edge (may interfere with legitimate CAD plugins, requiring compatibility testing); isolate Solid Edge workstations from internet access and sensitive network segments using microsegmentation (limits attacker pivoting after successful exploitation). User awareness training should emphasize risks of opening unsolicited CAD files, though sophisticated supply chain attacks may embed malicious PAR files in legitimate project workflows, reducing effectiveness of user vigilance alone.
More in Solid Edge Se2026
View allLocal privilege escalation in Siemens' IAM Client SDK, a shared authentication component bundled across a wide range of
Improper TLS certificate validation in Siemens Software Center, Simcenter 3D, Simcenter Femap, Simcenter STAR-CCM+, Soli
Stack-based buffer overflow in Siemens Solid Edge SE2026 allows arbitrary code execution when users open malicious PAR f
Same weakness CWE-824 – Access of Uninitialized Pointer
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29435
GHSA-v84h-8xq6-rv63