Skip to main content

Tecnomatix Plant Simulation V2504

1 CVEs product

Monthly

CVE-2025-40945 HIGH This Week

Local privilege escalation in Siemens' IAM Client SDK, a shared authentication component bundled across a wide range of Siemens engineering and PLM products (Solid Edge, Teamcenter Visualization, Simcenter, Tecnomatix, COMOS, Designcenter NX), allows an authenticated local user to load attacker-controlled code through an untrusted search path (CWE-426) and gain elevated privileges. The flaw carries a CVSS 4.0 base score of 8.5 and requires only low local privileges with no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Privilege Escalation Comos V10 4 5 Comos V10 6 Designcenter Nx Simcenter 3D +12
NVD
CVSS 4.0
8.5
EPSS
0.1%
EPSS 0% CVSS 8.5
HIGH This Week

Local privilege escalation in Siemens' IAM Client SDK, a shared authentication component bundled across a wide range of Siemens engineering and PLM products (Solid Edge, Teamcenter Visualization, Simcenter, Tecnomatix, COMOS, Designcenter NX), allows an authenticated local user to load attacker-controlled code through an untrusted search path (CWE-426) and gain elevated privileges. The flaw carries a CVSS 4.0 base score of 8.5 and requires only low local privileges with no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Privilege Escalation Comos V10 4 5 Comos V10 6 +14
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy