Siemens Simcenter Star-Ccm vulnerabilities

CVE-2025-40745 [MEDIUM] CWE-295 CVE-2025-40745: A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulati

CVE-2022-43517 [HIGH] CWE-732 CVE-2022-43517: A vulnerability has been identified in Simcenter STAR-CCM+ (All versions < V2306). The affected appl A vulnerability has been identified in Simcenter STAR-CCM+ (All versions < V2306). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated privileges.

CVE-2022-34659 [HIGH] CWE-200 CVE-2022-34659: A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when the public license server is used. This could allow an attacker to retrieve this information.

CVE-2021-25665 [HIGH] CWE-787 CVE-2021-25665: A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2021.2.1). The st A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2021.2.1). The starview+.exe application lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the cont