CVE-2025-40800 - Vulnerability Details

A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Solid Edge SE2025 (All versions < V225.0 Update 10), Solid Edge SE2026 (All versions < V226.0 Update 1). The IAM client in affected products is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Siemens	Comos Nx Simcenter 3d Simcenter Femap Solid Edge Se2025 Solid Edge Se2026

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/html/ssa-212953.html
https://cert-portal.siemens.com/productcert/html/ssa-868571.html

History

Wed, 10 Dec 2025 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Siemens Siemens comos Siemens nx Siemens simcenter 3d Siemens simcenter Femap Siemens solid Edge Se2025 Siemens solid Edge Se2026
Vendors & Products		Siemens Siemens comos Siemens nx Siemens simcenter 3d Siemens simcenter Femap Siemens solid Edge Se2025 Siemens solid Edge Se2026

Tue, 09 Dec 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 09 Dec 2025 11:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Solid Edge SE2025 (All versions < V225.0 Update 10), Solid Edge SE2026 (All versions < V226.0 Update 1). The IAM client in affected products is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.
Weaknesses		CWE-295
References		https://cert-portal.siemens.com/productcert/html/ssa-212953.html https://cert-portal.siemens.com/productcert/html/ssa-868571.html
Metrics		cvssV3_1 `{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}` cvssV4_0 `{'score': 9.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2025-12-09T10:44:23.488Z

Updated: 2025-12-09T14:27:15.289Z

Reserved: 2025-04-16T08:50:26.973Z

Link: CVE-2025-40800

Vulnrichment

Updated: 2025-12-09T14:27:12.744Z

NVD

Status : Awaiting Analysis

Published: 2025-12-09T16:17:45.073

Modified: 2025-12-09T18:36:53.557

Link: CVE-2025-40800

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object