CVE-2025-40936

HIGH 7.8

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

1th

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258), Simcenter Femap (All versions < V2512.0003), Solid Edge (All versions < V226.00 Update 03). The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS files. This could allow an attacker to crash the application or execute code in the context of the current process. (ZDI-CAN-26755)

CWE	CWE-125
Vendor	siemens
Product	ps/iges parasolid translator component
Ecosystems	ICS/SCADA
Industries	IndustrialManufacturing
Published	Nov 17, 2025
Last Updated	Jun 9, 2026

Stay Ahead of the Next One

Get instant alerts for siemens ps/iges parasolid translator component

Be the first to know when new high vulnerabilities affecting siemens ps/iges parasolid translator component are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Siemens / PS/IGES Parasolid Translator Component

0 < V29.0.258

Siemens / Simcenter Femap

0 < V2512.0003

Siemens / Solid Edge

0 < V226.00 Update 03

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-241605.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-445819.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-870926.html