CVE-2025-40764
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-12
Last updated on: 2025-08-20
Assigner: Siemens AG
Description
Description
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | simcenter_femap | From 2406.0000 (inc) to 2406.0003 (exc) |
| siemens | simcenter_femap | From 2412.0000 (inc) to 2412.0002 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out of bounds read issue in Simcenter Femap versions before V2406.0003 and V2412.0002. It occurs when the software parses specially crafted BMP files, which can lead to an attacker executing code within the context of the current process.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could execute arbitrary code with the privileges of the affected application, potentially leading to unauthorized actions, data compromise, or system instability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70