SSA-522291 — Vulnetix

SSA-522291 PUBLISHED CVSS 7.5 HIGH

Solid Edge is affected by improper certificate validation while connecting to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released a new version for Solid Edge SE2025 and recommends to update to the latest version.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
	Solid Edge SE2025

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-522291.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-522291.json (circl)
https://support.sw.siemens.com/product/246738425/ (circl)

Timeline

Nov 11, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-522291.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-522291.json advisory
https://support.sw.siemens.com/product/246738425/ fix

Open in Interactive Console →