CVE-2025-40801

CWE-295Improper Certificate Validation4 documents4 sources
Severity
9.2CRITICAL
EPSS
0.0%
top 88.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Siemens Comos V10.6Siemens JT Bi-directional Translator FOR StepSiemens NX V2412+6 more
Timeline
PublishedDec 9

Description

A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), JT Bi-Directional Translator for STEP (All versions), NX V2412 (All versions < V2412.8900 with Cloud Entitlement (bundled as NX X)), NX V2506 (All versions < V2506.6000 with Cloud Entitlement (bundled as NX X)), Simcenter 3D (All versions < V2506.6000 with Cloud Entitlement (bundled as Simcenter X Mechanical)), Simcenter Femap (All versions < V2506.0002 with Cloud Entitlement (bundl

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages9 packages

CVEListV5siemens/simcenter_system_architect< V2506.0001
CVEListV5siemens/simcenter_femap< V2506.0002
CVEListV5siemens/simcenter_studio< V2506.0001
CVEListV5siemens/nx_v2506< V2506.6000
CVEListV5siemens/simcenter_3d< V2506.6000

🔴Vulnerability Details

2
CVEList
CVE-2025-40801: A vulnerability has been identified in COMOS V102025-12-09
GHSA
GHSA-3p2p-55rm-xcvw: A vulnerability has been identified in COMOS V102025-12-09

🕵️Threat Intelligence

1
Wiz
CVE-2025-40801 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-40801 (CRITICAL CVSS 9.2) | A vulnerability has been identified | cvebase.io