CVE-2025-40812
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-10-16
Assigner: Siemens AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | solid_edge_se2024 | * |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2024 | 224.0 |
| siemens | solid_edge_se2025 | * |
| siemens | solid_edge_se2025 | 225.0 |
| siemens | solid_edge_se2025 | 225.0 |
| siemens | solid_edge_se2025 | 225.0 |
| siemens | solid_edge_se2025 | 225.0 |
| siemens | solid_edge_se2025 | 225.0 |
| siemens | solid_edge_se2025 | 225.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out of bounds read issue in Solid Edge SE2024 and SE2025 versions before certain updates. It occurs when the application parses specially crafted PRT files, which can lead to the application crashing or allowing an attacker to execute code within the context of the current process.
How can this vulnerability impact me? :
The vulnerability can impact you by causing the Solid Edge application to crash or potentially allowing an attacker to execute arbitrary code with the same privileges as the application, which could lead to unauthorized actions or compromise of your system.