CVE-2026-22923
Data Validation Flaw in NX PDF Export Enables Code Execution
Publication date: 2026-02-10
Last updated on: 2026-03-10
Assigner: Siemens AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | nx | to 2512.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Siemens NX software versions prior to V2512 and is a data validation flaw occurring during the PDF export process.
An attacker with local access on a compromised system can manipulate internal data, which can lead to arbitrary code execution.
The vulnerability is classified as a stack-based buffer overflow (CWE-121).
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with local access to execute arbitrary code on the affected system.
This can lead to unauthorized control over the system, potentially compromising data integrity, confidentiality, and availability.
Because the attack requires local access, the risk is higher in environments where multiple users have system access or where endpoint security is weak.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability in Siemens NX prior to version V2512 is a local data validation issue during the PDF export process that can lead to arbitrary code execution. Detection primarily involves monitoring for signs of exploitation or anomalous behavior on systems running affected versions.
Siemens recommends continuous monitoring and maintaining robust endpoint security to detect potential exploitation attempts. However, no specific detection commands or network signatures are provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'To mitigate this vulnerability, immediately upgrade Siemens NX to version V2512 or later, which contains the fix for this issue.'}, {'type': 'paragraph', 'content': 'Additional mitigation steps include maintaining strong system hygiene by keeping systems fully patched, implementing robust endpoint security measures, and continuously monitoring systems to prevent initial infection.'}, {'type': 'paragraph', 'content': "Siemens also recommends protecting network access to devices running NX and configuring environments according to Siemens' operational guidelines for Industrial Security."}] [1]