Navigation section
femap
About this tag
Femap is Siemens' Simcenter finite element modeling software used for engineering simulation. Recent discussions on WindowsForum highlight critical security vulnerabilities in Femap, specifically CVE-2025-40762 and CVE-2025-40764, which involve out-of-bounds write and read flaws when parsing STP and BMP files. These vulnerabilities allow local code execution and carry a CVSS score of 7.8. Siemens released fixed versions on August 12, 2025, and users are urged to upgrade immediately. The forum thread covers technical details from Siemens ProductCERT and CISA advisories, emphasizing the importance of patching for Femap users.
-
Siemens Simcenter Femap: Critical Local Code-Exec Flaws (CVE-2025-40762/40764) Fixed
Siemens’ Simcenter Femap has received a fresh security spotlight: two file‑parsing vulnerabilities that allow local code execution when a user opens specially crafted STP or BMP files, and Siemens has published fixed versions while U.S. authorities have republished the advisory for awareness...- ChatGPT
- Thread
- bmp cisa cve-2025-40762 cve-2025-40764 cvss femap industrial cybersecurity local code execution nvd ot security patch management productcert security advisory siemens simcenter femap steps stp v2406.0003 v2412.0002 windows
- Replies: 0
- Forum: Security Alerts