Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Tecnomatix Process Simulate by Siemens
CVE-2025-40945 (GCVE-0-2025-40945)
Vulnerability from nvd – Published: 2026-07-14 09:19 – Updated: 2026-07-14 12:16
VLAI
EPSS
VEX
Summary
A vulnerability has been identified in COMOS V10.4.5 (All versions < V10.4.5.0.2), COMOS V10.6 (All versions < V10.6.1), Designcenter NX (All versions < V2512.7000), Simcenter 3D (All versions < V2512.7000), Simcenter Femap V2506 (All versions < V2506.0003), Simcenter Femap V2512 (All versions < V2512.0002), Simcenter Nastran (All versions < V2606), Simcenter STAR-CCM+ (All versions < V2606), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Teamcenter Visualization V2412 (All versions < V2412.0012), Teamcenter Visualization V2506 (All versions < V2506.0009), Teamcenter Visualization V2512 (All versions < V2512.2605), Tecnomatix Plant Simulation V2404 (All versions < V2404.0022), Tecnomatix Plant Simulation V2504 (All versions < V2504.0010), Tecnomatix Process Simulate (All versions < V2606). Untrusted search path in IAM Client SDK may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
1 reference
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | COMOS V10.4.5 |
Affected:
0 , < V10.4.5.0.2
(custom)
|
|
| Siemens | COMOS V10.6 |
Affected:
0 , < V10.6.1
(custom)
|
|
| Siemens | Designcenter NX |
Affected:
0 , < V2512.7000
(custom)
|
|
| Siemens | Simcenter 3D |
Affected:
0 , < V2512.7000
(custom)
|
|
| Siemens | Simcenter Femap V2506 |
Affected:
0 , < V2506.0003
(custom)
|
|
| Siemens | Simcenter Femap V2512 |
Affected:
0 , < V2512.0002
(custom)
|
|
| Siemens | Simcenter Nastran |
Affected:
0 , < V2606
(custom)
|
|
| Siemens | Simcenter STAR-CCM+ |
Affected:
0 , < V2606
(custom)
|
|
| Siemens | Solid Edge SE2025 |
Affected:
0 , < V225.0 Update 13
(custom)
|
|
| Siemens | Solid Edge SE2026 |
Affected:
0 , < V226.0 Update 04
(custom)
|
|
| Siemens | Teamcenter Visualization V2412 |
Affected:
0 , < V2412.0012
(custom)
|
|
| Siemens | Teamcenter Visualization V2506 |
Affected:
0 , < V2506.0009
(custom)
|
|
| Siemens | Teamcenter Visualization V2512 |
Affected:
0 , < V2512.2605
(custom)
|
|
| Siemens | Tecnomatix Plant Simulation V2404 |
Affected:
0 , < V2404.0022
(custom)
|
|
| Siemens | Tecnomatix Plant Simulation V2504 |
Affected:
0 , < V2504.0010
(custom)
|
|
| Siemens | Tecnomatix Process Simulate |
Affected:
0 , < V2606
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-14T12:16:50.783446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T12:16:59.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "COMOS V10.4.5",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V10.4.5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.6",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V10.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Designcenter NX",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.7000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter 3D",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.7000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Femap V2506",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506.0003",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Femap V2512",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.0002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Nastran",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2606",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter STAR-CCM+",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2606",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2025",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V225.0 Update 13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2026",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V226.0 Update 04",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V2412",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2412.0012",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V2506",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506.0009",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V2512",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.2605",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2404",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2404.0022",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2504",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2504.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Process Simulate",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2606",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in COMOS V10.4.5 (All versions \u003c V10.4.5.0.2), COMOS V10.6 (All versions \u003c V10.6.1), Designcenter NX (All versions \u003c V2512.7000), Simcenter 3D (All versions \u003c V2512.7000), Simcenter Femap V2506 (All versions \u003c V2506.0003), Simcenter Femap V2512 (All versions \u003c V2512.0002), Simcenter Nastran (All versions \u003c V2606), Simcenter STAR-CCM+ (All versions \u003c V2606), Solid Edge SE2025 (All versions \u003c V225.0 Update 13), Solid Edge SE2026 (All versions \u003c V226.0 Update 04), Teamcenter Visualization V2412 (All versions \u003c V2412.0012), Teamcenter Visualization V2506 (All versions \u003c V2506.0009), Teamcenter Visualization V2512 (All versions \u003c V2512.2605), Tecnomatix Plant Simulation V2404 (All versions \u003c V2404.0022), Tecnomatix Plant Simulation V2504 (All versions \u003c V2504.0010), Tecnomatix Process Simulate (All versions \u003c V2606). Untrusted search path in IAM Client SDK may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T09:19:08.857Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-288252.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-40945",
"datePublished": "2026-07-14T09:19:08.857Z",
"dateReserved": "2025-04-16T09:06:15.879Z",
"dateUpdated": "2026-07-14T12:16:59.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40945 (GCVE-0-2025-40945)
Vulnerability from cvelistv5 – Published: 2026-07-14 09:19 – Updated: 2026-07-14 12:16
VLAI
EPSS
VEX
Summary
A vulnerability has been identified in COMOS V10.4.5 (All versions < V10.4.5.0.2), COMOS V10.6 (All versions < V10.6.1), Designcenter NX (All versions < V2512.7000), Simcenter 3D (All versions < V2512.7000), Simcenter Femap V2506 (All versions < V2506.0003), Simcenter Femap V2512 (All versions < V2512.0002), Simcenter Nastran (All versions < V2606), Simcenter STAR-CCM+ (All versions < V2606), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Teamcenter Visualization V2412 (All versions < V2412.0012), Teamcenter Visualization V2506 (All versions < V2506.0009), Teamcenter Visualization V2512 (All versions < V2512.2605), Tecnomatix Plant Simulation V2404 (All versions < V2404.0022), Tecnomatix Plant Simulation V2504 (All versions < V2504.0010), Tecnomatix Process Simulate (All versions < V2606). Untrusted search path in IAM Client SDK may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
1 reference
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | COMOS V10.4.5 |
Affected:
0 , < V10.4.5.0.2
(custom)
|
|
| Siemens | COMOS V10.6 |
Affected:
0 , < V10.6.1
(custom)
|
|
| Siemens | Designcenter NX |
Affected:
0 , < V2512.7000
(custom)
|
|
| Siemens | Simcenter 3D |
Affected:
0 , < V2512.7000
(custom)
|
|
| Siemens | Simcenter Femap V2506 |
Affected:
0 , < V2506.0003
(custom)
|
|
| Siemens | Simcenter Femap V2512 |
Affected:
0 , < V2512.0002
(custom)
|
|
| Siemens | Simcenter Nastran |
Affected:
0 , < V2606
(custom)
|
|
| Siemens | Simcenter STAR-CCM+ |
Affected:
0 , < V2606
(custom)
|
|
| Siemens | Solid Edge SE2025 |
Affected:
0 , < V225.0 Update 13
(custom)
|
|
| Siemens | Solid Edge SE2026 |
Affected:
0 , < V226.0 Update 04
(custom)
|
|
| Siemens | Teamcenter Visualization V2412 |
Affected:
0 , < V2412.0012
(custom)
|
|
| Siemens | Teamcenter Visualization V2506 |
Affected:
0 , < V2506.0009
(custom)
|
|
| Siemens | Teamcenter Visualization V2512 |
Affected:
0 , < V2512.2605
(custom)
|
|
| Siemens | Tecnomatix Plant Simulation V2404 |
Affected:
0 , < V2404.0022
(custom)
|
|
| Siemens | Tecnomatix Plant Simulation V2504 |
Affected:
0 , < V2504.0010
(custom)
|
|
| Siemens | Tecnomatix Process Simulate |
Affected:
0 , < V2606
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-14T12:16:50.783446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T12:16:59.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "COMOS V10.4.5",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V10.4.5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.6",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V10.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Designcenter NX",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.7000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter 3D",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.7000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Femap V2506",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506.0003",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Femap V2512",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.0002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Nastran",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2606",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter STAR-CCM+",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2606",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2025",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V225.0 Update 13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2026",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V226.0 Update 04",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V2412",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2412.0012",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V2506",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506.0009",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V2512",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2512.2605",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2404",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2404.0022",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2504",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2504.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Process Simulate",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2606",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in COMOS V10.4.5 (All versions \u003c V10.4.5.0.2), COMOS V10.6 (All versions \u003c V10.6.1), Designcenter NX (All versions \u003c V2512.7000), Simcenter 3D (All versions \u003c V2512.7000), Simcenter Femap V2506 (All versions \u003c V2506.0003), Simcenter Femap V2512 (All versions \u003c V2512.0002), Simcenter Nastran (All versions \u003c V2606), Simcenter STAR-CCM+ (All versions \u003c V2606), Solid Edge SE2025 (All versions \u003c V225.0 Update 13), Solid Edge SE2026 (All versions \u003c V226.0 Update 04), Teamcenter Visualization V2412 (All versions \u003c V2412.0012), Teamcenter Visualization V2506 (All versions \u003c V2506.0009), Teamcenter Visualization V2512 (All versions \u003c V2512.2605), Tecnomatix Plant Simulation V2404 (All versions \u003c V2404.0022), Tecnomatix Plant Simulation V2504 (All versions \u003c V2504.0010), Tecnomatix Process Simulate (All versions \u003c V2606). Untrusted search path in IAM Client SDK may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T09:19:08.857Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-288252.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-40945",
"datePublished": "2026-07-14T09:19:08.857Z",
"dateReserved": "2025-04-16T09:06:15.879Z",
"dateUpdated": "2026-07-14T12:16:59.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}