VDB
CVE-2025-40764
CVE-2025-40764
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
EPSS 0.03% · 7.5th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.03%
7.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simcenter Femap V2406 | 0 |
| Siemens | Simcenter Femap V2412 | 0 |
| siemens | simcenter_femap | 2412.0000, 2406.0000 |
Exploit Intelligence
- CIRCL seen: CVE-2025-40764 (circl-sighting)
- CIRCL seen: CVE-2025-40764 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-674084.html (circl)
Timeline
- Aug 12, 2025 EPSS Score
- Aug 12, 2025 Coalition ESS Score
- Aug 12, 2025 CVE Published
- Aug 12, 2025 PoC Published
- Aug 14, 2025 PoC Published
- Aug 20, 2025 EPSS Score
- Aug 20, 2025 Coalition ESS Score
- Aug 22, 2025 Coalition ESS Score
- Aug 26, 2025 Coalition ESS Score
- Aug 29, 2025 EPSS Score
- Sep 6, 2025 EPSS Score
- Sep 14, 2025 EPSS Score