CVE-2025-40936 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-40936 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258). The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS files. This could allow an attacker to crash the application or execute code in the context of the current process. (ZDI-CAN-26755)

EPSS 0.01% · 2.6th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.01%

2.6th percentile

Affected Products

Vendor	Product	Versions
Siemens	Solid Edge	0
Siemens	PS/IGES Parasolid Translator Component	0

Timeline

Nov 17, 2025 EPSS Score
Nov 17, 2025 CVE Published
Nov 17, 2025 PoC Published
Nov 21, 2025 EPSS Score
Nov 26, 2025 EPSS Score
Nov 30, 2025 EPSS Score
Dec 5, 2025 EPSS Score
Dec 9, 2025 EPSS Score
Dec 9, 2025 PoC Published
Dec 13, 2025 EPSS Score
Dec 18, 2025 EPSS Score
Dec 22, 2025 EPSS Score

References

Open in Interactive Console →