CVE-2025-40801
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2026-03-10

Assigner: Siemens AG

Description
A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), JT Bi-Directional Translator for STEP (All versions), NX V2412 (All versions < V2412.8900 with Cloud Entitlement (bundled as NX X)), NX V2506 (All versions < V2506.6000 with Cloud Entitlement (bundled as NX X)), Simcenter 3D (All versions < V2506.6000 with Cloud Entitlement (bundled as Simcenter X Mechanical)), Simcenter Femap (All versions < V2506.0002 with Cloud Entitlement (bundled as Simcenter X Mechanical)), Simcenter Studio (All versions < V2506.0001), Simcenter System Architect (All versions < V2506.0001), Tecnomatix Plant Simulation (All versions < V2504.0007). The SALT SDK is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2026-03-10
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-40801
EUVD
EUVD-2025-201928
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
siemens simcenter_3d *
siemens simcenter_studio *
siemens tecnomatix_plant_simulation *
siemens nx 2412
siemens jt_bi_directional_translator_for_step *
siemens simcenter_femap *
siemens nx 2506
siemens comos 10.6
siemens simcenter_system_architect *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in multiple Siemens software products where the SALT SDK does not validate server certificates when establishing TLS connections to the authorization server. This flaw could allow an attacker to perform a man-in-the-middle attack by intercepting or altering communications.

Impact Analysis

The vulnerability can lead to a man-in-the-middle attack, potentially allowing attackers to intercept, modify, or steal sensitive data transmitted between the software and the authorization server. This can compromise confidentiality, integrity, and availability of the affected systems.

Compliance Impact

The vulnerability allows man-in-the-middle (MITM) attacks due to missing server certificate validation during TLS connections, which can compromise confidentiality, integrity, and availability of data. Such compromises can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure communications. Siemens recommends applying updates and countermeasures, protecting network access, and following operational security guidelines to mitigate these risks and help maintain compliance. [1, 2]

Mitigation Strategies

Immediate mitigation steps include updating affected Siemens products to the latest versions where fixes are available, such as NX V2412.8900 or later, NX V2506.6000 or later, Simcenter 3D V2506.6000 or later, Simcenter Femap V2506.0002 or later, and Tecnomatix Plant Simulation V2504.0007 or later. For products without available fixes, implement recommended countermeasures such as protecting network access with appropriate security mechanisms and configuring operational environments according to Siemens' Industrial Security operational guidelines. Refer to Siemens' product manuals and security advisories for detailed configuration and mitigation steps. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40801. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart