CVE-2025-40764_CVE-2025-40764

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.

AI Analysis

An out of bounds read vulnerability in Simcenter Femap allows code execution via specially crafted BMP files.

Basic Information

ID CVE-2025-40764

Source siemens

Published Aug 12, 2025 at 11:17

Modified Aug 12, 2025 at 15:38

Affected Product

Vendor Siemens

Product Simcenter Femap V2406

Affected Versions Siemens Simcenter Femap V2406 0
Siemens Simcenter Femap V2412 0

CWE Classification

CWE-125

AI Assessment

AI Score 7.8 / 10

AI Severity HIGH

Vendor Siemens

Product Simcenter Femap

Version V2406 (All versions < V2406.0003), V2412 (All versions < V2412.0002)

References

cert-portal.siemens.com /productcert/html/ssa-674084.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.",
    "published": "2025-08-12T11:17:14.577Z",
    "modified": "2025-08-12T15:38:05.698Z",
    "type": "cve",
    "title": "CVE-2025-40764",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-674084.html",
    "id": "CVE-2025-40764",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "Siemens Simcenter Femap V2406 0\nSiemens Simcenter Femap V2412 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Simcenter Femap V2406",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "An out of bounds read vulnerability in Simcenter Femap allows code execution via specially crafted BMP files.",
    "ai_severity": "HIGH",
    "ai_vendor": "Siemens",
    "ai_product": "Simcenter Femap",
    "ai_version": "V2406 (All versions < V2406.0003), V2412 (All versions < V2412.0002)",
    "ai_score": 7.8
}