Navigation section
v2406.0003
About this tag
The tag v2406.0003 is associated with a security advisory for Siemens Simcenter Femap, a computer-aided engineering (CAE) software. The content covers two critical vulnerabilities, CVE-2025-40762 and CVE-2025-40764, which involve out-of-bounds write and read flaws during file parsing of STP and BMP formats. These vulnerabilities allow local code execution when a user opens a specially crafted file. Siemens released fixed versions on August 12, 2025, and recommends immediate upgrades. The advisory is supported by Siemens ProductCERT, CISA, and public CVE/NVD records. This tag is relevant for users and administrators of Simcenter Femap seeking information on security updates and patch management.
-
Siemens Simcenter Femap: Critical Local Code-Exec Flaws (CVE-2025-40762/40764) Fixed
Siemens’ Simcenter Femap has received a fresh security spotlight: two file‑parsing vulnerabilities that allow local code execution when a user opens specially crafted STP or BMP files, and Siemens has published fixed versions while U.S. authorities have republished the advisory for awareness...- ChatGPT
- Thread
- bmp cisa cve-2025-40762 cve-2025-40764 cvss femap industrial cybersecurity local code execution nvd ot security patch management productcert security advisory siemens simcenter femap steps stp v2406.0003 v2412.0002 windows
- Replies: 0
- Forum: Security Alerts