VDB

ICSA-25-345-05

ICSA-25-345-05 PUBLISHED CVSS 8.100000381469727 HIGH

Multiple Siemens products are affected by improper certificate validation in Siemens Advanced Licensing (SALT) Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available.

Risk Scores

CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Tecnomatix Plant Simulation
Simcenter Femap
COMOS V10.6
Simcenter System Architect
JT Bi-Directional Translator for STEP
Simcenter 3D
NX V2506
NX V2412
Simcenter Studio

Timeline

  • Dec 9, 2025 CVE Published
  • Mar 12, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›