CVE-2025-40745_CVE-2025-40745

3.7 / 10

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulation (All versions < V2504.0008). Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.

Basic Information

ID CVE-2025-40745

Source siemens

Published Apr 14, 2026 at 08:40

Affected Product

Vendor Siemens

Product Siemens Software Center

Affected Versions Siemens Siemens Software Center 0
Siemens Simcenter 3D 0
Siemens Simcenter Femap 0
Siemens Simcenter STAR-CCM+ 0
Siemens Solid Edge SE2025 0
Siemens Solid Edge SE2026 0
Siemens Tecnomatix Plant Simulation 0

CWE Classification

CWE-295

References

cert-portal.siemens.com /productcert/html/ssa-981622.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulation (All versions < V2504.0008). Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.",
    "published": "2026-04-14T08:40:38.637Z",
    "modified": "2026-04-14T08:40:38.637Z",
    "type": "cve",
    "title": "CVE-2025-40745",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-981622.html",
    "id": "CVE-2025-40745",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "Siemens Siemens Software Center 0\nSiemens Simcenter 3D 0\nSiemens Simcenter Femap 0\nSiemens Simcenter STAR-CCM+ 0\nSiemens Solid Edge SE2025 0\nSiemens Solid Edge SE2026 0\nSiemens Tecnomatix Plant Simulation 0",
    "sourceHref": "",
    "cvss": {
        "score": 3.7,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Siemens Software Center",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}