VDB

CVE-2025-40744

CVE-2025-40744 PUBLISHED CVSS 7.5 HIGH

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.

EPSS 0.03% · 7.4th percentile

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.03%
7.4th percentile

Affected Products

VendorProductVersions
SiemensSolid Edge SE20250

Timeline

  • Nov 11, 2025 CVE Published
  • Nov 11, 2025 PoC Published
  • Nov 12, 2025 EPSS Score
  • Nov 12, 2025 PoC Published
  • Nov 13, 2025 PoC Published
  • Nov 17, 2025 EPSS Score
  • Nov 22, 2025 EPSS Score
  • Nov 27, 2025 EPSS Score
  • Dec 3, 2025 EPSS Score
  • Dec 8, 2025 EPSS Score
  • Dec 13, 2025 EPSS Score
  • Dec 18, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›