CVE-2025-40800
Vulnerability Description
A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Solid Edge SE2025 (All versions < V225.0 Update 10), Solid Edge SE2026 (All versions < V226.0 Update 1). The IAM client in affected products is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.
Vulnerability Details
Published Date
Last Modified
Source
MITRE
Vendor
Siemens
Product
COMOS V10.6, NX V2412, NX V2506, Simcenter 3D, Simcenter Femap, Solid Edge SE2025, Solid Edge SE2026
Discussion (0)
Add Comment
No comments yet. Be the first!