Lucene search
K

The vulnerability of the IAM software for designing, operating, and maintaining technological installations—COMOS, as well as tools for design and simulation such as Siemens Solid Edge, Simcenter 3D, and Simcenter Femap—allows a perpetrator to carry out a type of “man-in-the-middle” attack.

🗓️ 16 Dec 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 2 Views

Identity and access management for COMOS and design tools has validation errors enabling man-in-the-middle attacks.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2025-40800
9 Dec 202519:32
circl
CNNVD
Siemens多款产品 信任管理问题漏洞
9 Dec 202500:00
cnnvd
CVE
CVE-2025-40800
9 Dec 202510:44
cve
Cvelist
CVE-2025-40800
9 Dec 202510:44
cvelist
EUVD
EUVD-2025-201929
9 Dec 202518:30
euvd
ICS
Siemens IAM Client
9 Dec 202500:00
ics
NCSC
Vulnerabilities fixed in Siemens products
9 Dec 202513:15
ncsc
NVD
CVE-2025-40800
9 Dec 202516:17
nvd
Positive Technologies
PT-2025-49832
9 Dec 202500:00
ptsecurity
RedhatCVE
CVE-2025-40800
9 Jan 202608:45
redhatcve
Rows per page
Vulners
Node
OROR
siemens_agsiemens_nxRange<2412.8700
OR
siemens_agsiemens_nxRange<2506.6000
OR
siemens_agsimcenter_3dRange<2506.6000
OR

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Dec 2025 00:00Current
7.3High risk
Vulners AI Score7.3
CVSS 27.1
CVSS 37.4
EPSS0.00185
2