Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-40809 (GCVE-0-2025-40809)
Vulnerability from cvelistv5 – Published: 2025-10-14 09:15 – Updated: 2025-10-14 19:03
VLAI?
EPSS
Summary
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
Severity ?
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2024 |
Affected:
0 , < V224.0 Update 14
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:03:27.180888Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:03:33.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2024",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V224.0 Update 14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2025",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V225.0 Update 6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2024 (All versions \u003c V224.0 Update 14), Solid Edge SE2025 (All versions \u003c V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T09:15:27.478Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-541582.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-40809",
"datePublished": "2025-10-14T09:15:27.478Z",
"dateReserved": "2025-04-16T08:50:26.974Z",
"dateUpdated": "2025-10-14T19:03:33.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-40809\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2025-10-14T10:15:39.580\",\"lastModified\":\"2025-10-16T14:03:17.823\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in Solid Edge SE2024 (All versions \u003c V224.0 Update 14), Solid Edge SE2025 (All versions \u003c V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"893736B3-0140-4775-8700-CB9D7719DDE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0119E8F-1FAF-4A3B-B6E9-20F78360FC82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0001:*:*:*:*:*:*\",\"matchCriteriaId\":\"829C4AEB-7C8D-408B-A79C-8684753F45E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00010:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E262AB3-8C47-430A-9D42-89317CB630C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00011:*:*:*:*:*:*\",\"matchCriteriaId\":\"94758C94-F427-480E-A9F1-109D8660C4E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00012:*:*:*:*:*:*\",\"matchCriteriaId\":\"D084D11C-08FB-4EEE-A5E3-D93C10103D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00013:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8A834C5-1E45-4087-A3A4-C059A2C9960C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0002:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E8FB23E-280D-46FD-BD44-5D4552639E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0003:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2417A0-DD31-46FC-8D5A-9128B86C9352\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0004:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CA9C494-767C-4CFA-AB07-106298B7B2C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0005:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3738D73-82A5-41E4-8083-34611A6301BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0006:*:*:*:*:*:*\",\"matchCriteriaId\":\"5634352F-0DD1-4731-9E43-61D0A9A40D1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0007:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E3D549-54F0-4909-830D-BDE8CDAD5AF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0008:*:*:*:*:*:*\",\"matchCriteriaId\":\"1137D7B3-17AD-4997-AC19-4308AA5C9438\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0009:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5488DEB-3165-4F88-8C63-7B9BC212DEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EBC379B-A9D5-4587-87A1-59D2D8EF2267\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:225.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D717792-2F86-43CD-973B-249171094C6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0001:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6F3C20-8AB5-4A6A-8524-C7CBC4A4D973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0002:*:*:*:*:*:*\",\"matchCriteriaId\":\"03CCA3A8-F8D6-4C80-BC03-15B865CE46B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0003:*:*:*:*:*:*\",\"matchCriteriaId\":\"B51556E8-9A3B-4755-BC2C-8FACABC01A7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0004:*:*:*:*:*:*\",\"matchCriteriaId\":\"737A4807-387D-4099-880D-2CCEE7B77B44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0005:*:*:*:*:*:*\",\"matchCriteriaId\":\"9267F09C-5EFD-443F-ABE0-974C1D034464\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-541582.html\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-40809\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-14T19:03:27.180888Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-14T19:03:31.063Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\"}}, {\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"Solid Edge SE2024\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V224.0 Update 14\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Solid Edge SE2025\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V225.0 Update 6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-541582.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in Solid Edge SE2024 (All versions \u003c V224.0 Update 14), Solid Edge SE2025 (All versions \u003c V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787: Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2025-10-14T09:15:27.478Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-40809\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-14T19:03:33.965Z\", \"dateReserved\": \"2025-04-16T08:50:26.974Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2025-10-14T09:15:27.478Z\", \"assignerShortName\": \"siemens\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SSA-541582
Vulnerability from csaf_siemens - Published: 2025-10-14 00:00 - Updated: 2025-10-14 00:00Summary
SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge
Notes
Summary: Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code.
Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
References
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-541582.html"
},
{
"category": "self",
"summary": "SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-541582.json"
}
],
"title": "SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge",
"tracking": {
"current_release_date": "2025-10-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-541582",
"initial_release_date": "2025-10-14T00:00:00Z",
"revision_history": [
{
"date": "2025-10-14T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V224.0 Update 14",
"product": {
"name": "Solid Edge SE2024",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2024"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V225.0 Update 6",
"product": {
"name": "Solid Edge SE2025",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2025"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40809",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"1",
"2"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"1"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"2"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2025-40809"
},
{
"cve": "CVE-2025-40810",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"1",
"2"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"1"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"2"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2025-40810"
},
{
"cve": "CVE-2025-40811",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"1",
"2"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"1"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"2"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2025-40811"
},
{
"cve": "CVE-2025-40812",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"1",
"2"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"1"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"2"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2025-40812"
}
]
}
NCSC-2025-0309
Vulnerability from csaf_ncscnl - Published: 2025-10-14 11:22 - Updated: 2025-10-14 11:22Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Siemens heeft kwetsbaarheden verholpen in diverse producten als SIMATIC, SINEC, SIPLUS en Solid Edge.
Interpretaties: De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- Toegang tot systeemgegevens
- Verhogen van rechten
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen: Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-125: Out-of-bounds Read
CWE-257: Storing Passwords in a Recoverable Format
CWE-306: Missing Authentication for Critical Function
CWE-639: Authorization Bypass Through User-Controlled Key
CWE-787: Out-of-bounds Write
CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
A heap-based buffer overflow vulnerability in Accusoft ImageGear 20.1 can be exploited via a specially crafted file, leading to arbitrary code execution.
9.8 (Critical)
Palo Alto Networks has integrated Chromium security fixes addressing a high-severity type confusion vulnerability in the V8 JavaScript engine of Google Chrome, which allows remote attackers to perform arbitrary read/write operations via crafted HTML pages.
8.8 (High)
A vulnerability in SINEC NMS versions prior to V4.0 SP1 allows low privileged authenticated attackers to exploit SQL injection via the getTotalAndFilterCounts endpoint, potentially leading to data insertion and privilege escalation.
8.8 (High)
A vulnerability in TeleControl Server Basic V3.1 enables unauthenticated remote attackers to access user password hashes and execute authenticated database operations.
9.8 (Critical)
A vulnerability in SIMATIC and SIPLUS devices (versions < V2.4.24) allows unauthenticated remote attackers to access configuration data due to improper authentication of configuration connections.
9.8 (Critical)
A vulnerability in SiPass integrated versions prior to V3.0 allows stored Cross-Site Scripting (XSS) attacks, enabling code injection and user impersonation.
7.4 (High)
A vulnerability in SiPass integrated versions prior to V3.0 allows attackers to exploit broken access control, potentially manipulating other users' data due to insufficient server-side authorization checks.
CWE-639 - Authorization Bypass Through User-Controlled KeyA vulnerability in SiPass integrated versions prior to V3.0 allows administrative users to access decryption keys for encrypted passwords, posing a risk of unauthorized access.
4.4 (Medium)
A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds write when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute arbitrary code.
7.8 (High)
A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds write when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute arbitrary code.
7.8 (High)
A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds read when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute code.
7.8 (High)
A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds read when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute code.
7.8 (High)
References
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als SIMATIC, SINEC, SIPLUS en Solid Edge.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- Toegang tot systeemgegevens\n- Verhogen van rechten\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"title": "CWE-89"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Storing Passwords in a Recoverable Format",
"title": "CWE-257"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-062309.pdf"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-318832.pdf"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365200.pdf"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-486936.pdf"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541582.pdf"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599451.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2025-10-14T11:22:10.254089Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0309",
"initial_release_date": "2025-10-14T11:22:10.254089Z",
"revision_history": [
{
"date": "2025-10-14T11:22:10.254089Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1542SP-1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1542SP-1 IRC"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1543SP-1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "SINEC NMS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "SiPass integrated"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2024"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "TeleControl Server Basic V3.1"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-35002",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Accusoft ImageGear 20.1 can be exploited via a specially crafted file, leading to arbitrary code execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-35002 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-35002.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2023-35002"
},
{
"cve": "CVE-2025-6554",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "description",
"text": "Palo Alto Networks has integrated Chromium security fixes addressing a high-severity type confusion vulnerability in the V8 JavaScript engine of Google Chrome, which allows remote attackers to perform arbitrary read/write operations via crafted HTML pages.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/AU:N/R:U/V:D/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6554 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-6554"
},
{
"cve": "CVE-2025-40755",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"title": "CWE-89"
},
{
"category": "description",
"text": "A vulnerability in SINEC NMS versions prior to V4.0 SP1 allows low privileged authenticated attackers to exploit SQL injection via the getTotalAndFilterCounts endpoint, potentially leading to data insertion and privilege escalation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40755 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40755.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40755"
},
{
"cve": "CVE-2025-40765",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A vulnerability in TeleControl Server Basic V3.1 enables unauthenticated remote attackers to access user password hashes and execute authenticated database operations.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40765 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40765.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40765"
},
{
"cve": "CVE-2025-40771",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A vulnerability in SIMATIC and SIPLUS devices (versions \u003c V2.4.24) allows unauthenticated remote attackers to access configuration data due to improper authentication of configuration connections.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40771 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40771.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40771"
},
{
"cve": "CVE-2025-40772",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "description",
"text": "A vulnerability in SiPass integrated versions prior to V3.0 allows stored Cross-Site Scripting (XSS) attacks, enabling code injection and user impersonation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40772 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40772.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40772"
},
{
"cve": "CVE-2025-40773",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "description",
"text": "A vulnerability in SiPass integrated versions prior to V3.0 allows attackers to exploit broken access control, potentially manipulating other users\u0027 data due to insufficient server-side authorization checks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40773 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40773.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40773"
},
{
"cve": "CVE-2025-40774",
"cwe": {
"id": "CWE-257",
"name": "Storing Passwords in a Recoverable Format"
},
"notes": [
{
"category": "other",
"text": "Storing Passwords in a Recoverable Format",
"title": "CWE-257"
},
{
"category": "description",
"text": "A vulnerability in SiPass integrated versions prior to V3.0 allows administrative users to access decryption keys for encrypted passwords, posing a risk of unauthorized access.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40774 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40774.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40774"
},
{
"cve": "CVE-2025-40809",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds write when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute arbitrary code.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40809 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40809.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40809"
},
{
"cve": "CVE-2025-40810",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds write when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute arbitrary code.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40810 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40810.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40810"
},
{
"cve": "CVE-2025-40811",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds read when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute code.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40811 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40811.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40811"
},
{
"cve": "CVE-2025-40812",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "A vulnerability in Solid Edge SE2024 and SE2025 allows for an out of bounds read when parsing specially crafted PRT files, potentially enabling an attacker to crash the application or execute code.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40812 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40812.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11"
]
}
],
"title": "CVE-2025-40812"
}
]
}
ICSA-25-289-05
Vulnerability from csaf_cisa - Published: 2025-10-14 00:00 - Updated: 2025-10-14 00:00Summary
Siemens Solid Edge
Notes
Summary: Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code.
Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Siemens ProductCERT SSA-541582 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
7.8 (High)
Mitigation
Do not open untrusted PRT files in affected applications
Vendor Fix
Update to V224.0 Update 14 or later version
https://support.sw.siemens.com/product/246738425/
Vendor Fix
Update to V225.0 Update 6 or later version
https://support.sw.siemens.com/product/246738425/
References
| URL | Category | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Acknowledgments
Michael Heinzl
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"names": [
"Michael Heinzl"
],
"summary": "reporting these vulnerabilities to Siemens."
},
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-541582 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-541582.json"
},
{
"category": "self",
"summary": "SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-541582.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-289-05 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-289-05.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-289-05 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-05"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Siemens Solid Edge",
"tracking": {
"current_release_date": "2025-10-14T00:00:00.000000Z",
"generator": {
"date": "2025-10-16T21:33:18.656908Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-289-05",
"initial_release_date": "2025-10-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2025-10-14T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV224.0_Update_14",
"product": {
"name": "Solid Edge SE2024",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2024"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV225.0_Update_6",
"product": {
"name": "Solid Edge SE2025",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2025"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40809",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2025-40809"
},
{
"cve": "CVE-2025-40810",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2025-40810"
},
{
"cve": "CVE-2025-40811",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2025-40811"
},
{
"cve": "CVE-2025-40812",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Do not open untrusted PRT files in affected applications",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V224.0 Update 14 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.sw.siemens.com/product/246738425/"
},
{
"category": "vendor_fix",
"details": "Update to V225.0 Update 6 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.sw.siemens.com/product/246738425/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"title": "CVE-2025-40812"
}
]
}
FKIE_CVE-2025-40809
Vulnerability from fkie_nvd - Published: 2025-10-14 10:15 - Updated: 2025-10-16 14:03
Severity ?
Summary
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
References
| URL | Tags | ||
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-541582.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | solid_edge_se2024 | - | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2024 | 224.0 | |
| siemens | solid_edge_se2025 | - | |
| siemens | solid_edge_se2025 | 225.0 | |
| siemens | solid_edge_se2025 | 225.0 | |
| siemens | solid_edge_se2025 | 225.0 | |
| siemens | solid_edge_se2025 | 225.0 | |
| siemens | solid_edge_se2025 | 225.0 | |
| siemens | solid_edge_se2025 | 225.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:-:*:*:*:*:*:*:*",
"matchCriteriaId": "893736B3-0140-4775-8700-CB9D7719DDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A0119E8F-1FAF-4A3B-B6E9-20F78360FC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0001:*:*:*:*:*:*",
"matchCriteriaId": "829C4AEB-7C8D-408B-A79C-8684753F45E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00010:*:*:*:*:*:*",
"matchCriteriaId": "8E262AB3-8C47-430A-9D42-89317CB630C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00011:*:*:*:*:*:*",
"matchCriteriaId": "94758C94-F427-480E-A9F1-109D8660C4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00012:*:*:*:*:*:*",
"matchCriteriaId": "D084D11C-08FB-4EEE-A5E3-D93C10103D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_00013:*:*:*:*:*:*",
"matchCriteriaId": "F8A834C5-1E45-4087-A3A4-C059A2C9960C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0002:*:*:*:*:*:*",
"matchCriteriaId": "1E8FB23E-280D-46FD-BD44-5D4552639E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0003:*:*:*:*:*:*",
"matchCriteriaId": "CA2417A0-DD31-46FC-8D5A-9128B86C9352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0004:*:*:*:*:*:*",
"matchCriteriaId": "3CA9C494-767C-4CFA-AB07-106298B7B2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0005:*:*:*:*:*:*",
"matchCriteriaId": "C3738D73-82A5-41E4-8083-34611A6301BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0006:*:*:*:*:*:*",
"matchCriteriaId": "5634352F-0DD1-4731-9E43-61D0A9A40D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0007:*:*:*:*:*:*",
"matchCriteriaId": "32E3D549-54F0-4909-830D-BDE8CDAD5AF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0008:*:*:*:*:*:*",
"matchCriteriaId": "1137D7B3-17AD-4997-AC19-4308AA5C9438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0009:*:*:*:*:*:*",
"matchCriteriaId": "E5488DEB-3165-4F88-8C63-7B9BC212DEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBC379B-A9D5-4587-87A1-59D2D8EF2267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:225.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3D717792-2F86-43CD-973B-249171094C6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0001:*:*:*:*:*:*",
"matchCriteriaId": "2C6F3C20-8AB5-4A6A-8524-C7CBC4A4D973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0002:*:*:*:*:*:*",
"matchCriteriaId": "03CCA3A8-F8D6-4C80-BC03-15B865CE46B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0003:*:*:*:*:*:*",
"matchCriteriaId": "B51556E8-9A3B-4755-BC2C-8FACABC01A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0004:*:*:*:*:*:*",
"matchCriteriaId": "737A4807-387D-4099-880D-2CCEE7B77B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0005:*:*:*:*:*:*",
"matchCriteriaId": "9267F09C-5EFD-443F-ABE0-974C1D034464",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2024 (All versions \u003c V224.0 Update 14), Solid Edge SE2025 (All versions \u003c V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process."
}
],
"id": "CVE-2025-40809",
"lastModified": "2025-10-16T14:03:17.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2025-10-14T10:15:39.580",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-541582.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
}
GHSA-W527-8C6Q-5W2M
Vulnerability from github – Published: 2025-10-14 12:31 – Updated: 2025-10-14 12:31
VLAI?
Details
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2025-40809"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T10:15:39Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in Solid Edge SE2024 (All versions \u003c V224.0 Update 14), Solid Edge SE2025 (All versions \u003c V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.",
"id": "GHSA-w527-8c6q-5w2m",
"modified": "2025-10-14T12:31:31Z",
"published": "2025-10-14T12:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40809"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-541582.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…