CVE-2025-40812

CWE-125 — Out-of-bounds Read4 documents4 sources

Severity

7.3HIGH

EPSS

0.0%

top 96.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Solid Edge Se2024 Siemens Solid Edge Se2025

Timeline

PublishedOct 14

Description

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages4 packages

▶CVEListV5siemens/solid_edge_se2024< V224.0 Update 14

▶CVEListV5siemens/solid_edge_se2025< V225.0 Update 6

▶NVDsiemens/solid_edge_se2024224.0

▶NVDsiemens/solid_edge_se2025225.0

🔴Vulnerability Details

GHSA

GHSA-v2f5-7x62-mrpx: A vulnerability has been identified in Solid Edge SE2024 (All versions < V224↗2025-10-14

▶

CVEList

CVE-2025-40812: A vulnerability has been identified in Solid Edge SE2024 (All versions < V224↗2025-10-14

▶

📋Vendor Advisories

Microsoft

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.↗2021-09-14

▶