CVE-2025-25266

CWE-552Files Accessible to External Parties3 documents3 sources
Severity
7.0HIGH
EPSS
0.0%
top 89.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Siemens Tecnomatix Plant Simulation V2302Siemens Tecnomatix Plant Simulation V2404Siemens Tecnomatix Plant Simulation
Timeline
PublishedMar 11

Description

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict access to the file deletion functionality. This could allow an unauthorized attacker to delete files even when access to the system should be prohibited, resulting in potential data loss or unauthorized modification of system files.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N

Affected Packages3 packages

NVDsiemens/tecnomatix_plant_simulation2302.02302.0021+1

🔴Vulnerability Details

2
GHSA
GHSA-jcxh-7f92-q9f6: A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V23022025-03-11
CVEList
CVE-2025-25266: A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V23022025-03-11
CVE-2025-25266 (HIGH CVSS 7) | A vulnerability has been identified | cvebase.io