SSA-710408 — Vulnetix

SSA-710408 PUBLISHED CVSS 8.100000381469727 HIGH

Multiple Siemens products are affected by improper certificate validation in Siemens Advanced Licensing (SALT) Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available.

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	NX V2412
	Tecnomatix Plant Simulation
	COMOS V10.6
	Simcenter System Architect
	NX V2506
	Simcenter Femap
	Simcenter Studio
	Simcenter 3D
	JT Bi-Directional Translator for STEP

Timeline

Dec 9, 2025 CVE Published
Mar 10, 2026 CVE Updated

References

https://cert-portal.siemens.com/productcert/html/ssa-710408.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-710408.json advisory
https://support.sw.siemens.com/product/222981661/ fix
https://support.sw.siemens.com/product/209349590/ fix
https://support.sw.siemens.com/product/297028302/ fix
https://support.sw.siemens.com/product/273211926/ fix
https://support.sw.siemens.com/product/275652363/ fix
https://support.sw.siemens.com/product/289054037/ fix

Open in Interactive Console →