Back to CVE List

CVE-2025-40800

Vulnerability Description

A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Solid Edge SE2025 (All versions < V225.0 Update 10), Solid Edge SE2026 (All versions < V226.0 Update 1). The IAM client in affected products is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.

Vulnerability Details

Published Date
Last Modified
Source
MITRE
Vendor
Siemens
Product
COMOS V10.6, NX V2412, NX V2506, Simcenter 3D, Simcenter Femap, Solid Edge SE2025, Solid Edge SE2026

External References

Discussion (0)

Add Comment

No comments yet. Be the first!