1684 matches found
CVE-2025-40800
CVE-2025-40800 affects Siemens products including COMOS, NX, Simcenter 3D/Femap, and Solid Edge. The IAM client in these products fails to validate server certificates when establishing TLS connections to the authorization server, enabling potential man-in-the-middle attacks. Affected versions in...
CVE-2025-40800
A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, NX V2412 All versions V2412.8700, NX V2506 All versions V2506.6000, Simcenter 3D All versions V2506.6000, Simcenter Femap All versions V2506.0002, Solid Edge SE2025 All versions V225.0 Updat...
PT-2025-49832
Name of the Vulnerable Software and Affected Versions COMOS versions prior to V10.6 NX versions prior to V2412.8700 NX versions prior to V2506.6000 Simcenter 3D versions prior to V2506.6000 Simcenter Femap versions prior to V2506.0002 Solid Edge SE2025 versions prior to V225.0 Update 10 Solid Edg...
Siemens多款产品 信任管理问题漏洞
Siemens Simcenter Femap and others are products of Siemens, a German company.Siemens Simcenter Femap is a cutting-edge engineering simulation application.Siemens NX is Siemens COMOS is a process industry operations management software. A trust management issue vulnerability exists in various...
PT-2025-48702
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to read and modify the Appliance SSD contents because they are unencrypted...
CVE-2025-40936
A vulnerability has been identified in PS/IGES Parasolid Translator Component All versions V29.0.258, Solid Edge All versions V226.00 Update 03. The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS files. This could allow an attacker to crash...
Siemens Solid Edge DLL Hijacking (SSA-365596)
The version of Siemens Solid Edge installed on the remote Windows host is prior to SE2025 V225.0 Update 10. It is, therefore, affected by a DLL hijacking vulnerability. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a...
CISA Releases 18 Industrial Control Systems Advisories
CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...
EUVD-2025-117082
Malicious code in solid-rose-mole npm...
EUVD-2025-117083
Malicious code in solid-coral-vole npm...
CVE-2025-40827
A vulnerability has been identified in Siemens Software Center All versions V3.5, Solid Edge SE2025 All versions V225.0 Update 10. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system...
CVE-2025-40744
A vulnerability has been identified in Solid Edge SE2025 All versions V225.0 Update 11. Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks...
EUVD-2025-102132
Malicious code in solidllamaz3n npm...
EUVD-2025-102129
Malicious code in solidunicornz3n npm...
EUVD-2025-102130
Malicious code in solidtigerz3n npm...
CVE-2025-40827
Affected products and versions: Siemens Software Center (all versions < V3.5) and Solid Edge SE2025 (all versions
CVE-2025-40827
A vulnerability has been identified in Siemens Software Center All versions V3.5, Solid Edge SE2025 All versions V225.0 Update 10. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system...
CVE-2025-40827
A vulnerability has been identified in Siemens Software Center All versions V3.5, Solid Edge SE2025 All versions V225.0 Update 10. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system...
CVE-2025-40744
Summary: CVE-2025-40744 affects Solid Edge SE2025 prior to V225.0 Update 11, where the License Service endpoint fails to properly validate client certificates, enabling a potential man-in-the-middle for unauthenticated attackers. Both Red Hat and PT security sources confirm the issue and the affe...
CVE-2025-40744
A vulnerability has been identified in Solid Edge SE2025 All versions V225.0 Update 11. Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks...