CVE-2025-40801 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-40801 PUBLISHED CVSS 8.100000381469727 HIGH

A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), JT Bi-Directional Translator for STEP (All versions), NX V2412 (All versions < V2412.8900 with Cloud Entitlement (bundled as NX X)), NX V2506 (All versions < V2506.6000 with Cloud Entitlement (bundled as NX X)), Simcenter 3D (All versions < V2506.6000 with Cloud Entitlement (bundled as Simcenter X Mechanical)), Simcenter Femap (All versions < V2506.0002 with Cloud Entitlement (bundled as Simcenter X Mechanical)), Simcenter Studio (All versions < V2506.0001), Simcenter System Architect (All versions < V2506.0001), Tecnomatix Plant Simulation (All versions < V2504.0007). The SALT SDK is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.

EPSS 0.03% · 8.6th percentile

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.03%

8.6th percentile

Affected Products

Vendor	Product	Versions
Siemens	Simcenter Femap	0
Siemens	JT Bi-Directional Translator for STEP	0
Siemens	Simcenter 3D	0
Siemens	Simcenter Studio	0
Siemens	COMOS V10.6	0, 0
Siemens	NX V2506	0
Siemens	Tecnomatix Plant Simulation	0
Siemens	NX V2412	0
Siemens	Simcenter System Architect	0

Timeline

Apr 16, 2025 CVE ID Reserved
Dec 9, 2025 EPSS Score
Dec 9, 2025 CVE Published
Dec 9, 2025 PoC Published
Dec 11, 2025 PoC Published
Dec 13, 2025 EPSS Score
Dec 16, 2025 EPSS Score
Dec 20, 2025 EPSS Score
Dec 24, 2025 EPSS Score
Dec 27, 2025 EPSS Score
Dec 31, 2025 EPSS Score
Jan 4, 2026 EPSS Score

References

Open in Interactive Console →