CVE-2025-40745
CVSS Score
3.7
EPSS Score
0.0%
EPSS Percentile
4th
A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulation (All versions < V2504.0008). Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.
| CWE | CWE-295 |
| Vendor | siemens |
| Product | siemens software center |
| Ecosystems | |
| Industries | IndustrialManufacturing |
| Published | Apr 14, 2026 |
| Last Updated | Apr 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for siemens siemens software center
Be the first to know when new low vulnerabilities affecting siemens siemens software center are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Siemens / Siemens Software Center
0 < V3.5.8.2
Siemens / Simcenter 3D
0 < V2506.6000
Siemens / Simcenter Femap
0 < V2506.0002
Siemens / Simcenter STAR-CCM+
0 < V2602
Siemens / Solid Edge SE2025
0 < V225.0 Update 13
Siemens / Solid Edge SE2026
0 < V226.0 Update 04
Siemens / Tecnomatix Plant Simulation
0 < V2504.0008