VDB
CVE-2025-40936
CVE-2025-40936
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258). The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS files. This could allow an attacker to crash the application or execute code in the context of the current process. (ZDI-CAN-26755)
EPSS 0.01% · 0.6th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.01%
0.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Solid Edge | 0 |
| Siemens | PS/IGES Parasolid Translator Component | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-40936 (circl-sighting)
- CIRCL seen: CVE-2025-40936 (circl-sighting)
- CIRCL seen: CVE-2025-40936 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-241605.html (circl)
- https://cert-portal.siemens.com/productcert/html/ssa-445819.html (circl)
Timeline
- Nov 17, 2025 EPSS Score
- Nov 17, 2025 CVE Published
- Nov 17, 2025 PoC Published
- Nov 22, 2025 EPSS Score
- Nov 27, 2025 EPSS Score
- Dec 2, 2025 EPSS Score
- Dec 7, 2025 EPSS Score
- Dec 9, 2025 PoC Published
- Dec 12, 2025 EPSS Score
- Dec 17, 2025 EPSS Score
- Dec 22, 2025 EPSS Score
- Dec 27, 2025 EPSS Score