CVE-2025-40744 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-40744 PUBLISHED CVSS 7.5 HIGH

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.

EPSS 0.03% · 7.4th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.03%

7.4th percentile

Affected Products

Vendor	Product	Versions
Siemens	Solid Edge SE2025	0

Timeline

Nov 11, 2025 CVE Published
Nov 11, 2025 PoC Published
Nov 12, 2025 EPSS Score
Nov 12, 2025 PoC Published
Nov 13, 2025 PoC Published
Nov 17, 2025 EPSS Score
Nov 21, 2025 EPSS Score
Nov 26, 2025 EPSS Score
Nov 30, 2025 EPSS Score
Dec 5, 2025 EPSS Score
Dec 10, 2025 EPSS Score
Dec 14, 2025 EPSS Score

References

Open in Interactive Console →