CVE-2026-22923
Awaiting Analysis Awaiting Analysis - Queue
Data Validation Flaw in NX PDF Export Enables Code Execution

Publication date: 2026-02-10

Last updated on: 2026-03-10

Assigner: Siemens AG

Description
A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-10
Last Modified
2026-03-10
Generated
2026-06-16
AI Q&A
2026-02-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-22923
EUVD
EUVD-2026-6743
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
siemens nx to 2512.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects Siemens NX software versions prior to V2512 and is a data validation flaw occurring during the PDF export process.

An attacker with local access on a compromised system can manipulate internal data, which can lead to arbitrary code execution.

The vulnerability is classified as a stack-based buffer overflow (CWE-121).

Impact Analysis

If exploited, this vulnerability allows an attacker with local access to execute arbitrary code on the affected system.

This can lead to unauthorized control over the system, potentially compromising data integrity, confidentiality, and availability.

Because the attack requires local access, the risk is higher in environments where multiple users have system access or where endpoint security is weak.

Compliance Impact

I don't know

Detection Guidance

The vulnerability in Siemens NX prior to version V2512 is a local data validation issue during the PDF export process that can lead to arbitrary code execution. Detection primarily involves monitoring for signs of exploitation or anomalous behavior on systems running affected versions.

Siemens recommends continuous monitoring and maintaining robust endpoint security to detect potential exploitation attempts. However, no specific detection commands or network signatures are provided in the available resources.

Mitigation Strategies

[{'type': 'paragraph', 'content': 'To mitigate this vulnerability, immediately upgrade Siemens NX to version V2512 or later, which contains the fix for this issue.'}, {'type': 'paragraph', 'content': 'Additional mitigation steps include maintaining strong system hygiene by keeping systems fully patched, implementing robust endpoint security measures, and continuously monitoring systems to prevent initial infection.'}, {'type': 'paragraph', 'content': "Siemens also recommends protecting network access to devices running NX and configuring environments according to Siemens' operational guidelines for Industrial Security."}] [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22923. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart