Vulnerability-Lookup

CVE-2026-23717 (GCVE-0-2026-23717)

Vulnerability from cvelistv5 – Published: 2026-02-10 09:58 – Updated: 2026-02-10 15:24

Summary

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

siemens

References

URL

NCSC-2026-0051

Vulnerability from csaf_ncscnl - Published: 2026-02-10 12:27 - Updated: 2026-02-10 12:27

Summary

Kwetsbaarheden verholpen in Siemens producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Siemens heeft kwetsbaarheden verholpen in diverse producten als Desigo, NX, Polarion, SENTRON, Simcenter, SINEC, SIPORT, Siveillance, Solid Edge,

Interpretaties

De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipulatie van gegevens - Omzeilen van een beveiligingsmaatregel - (Remote) code execution (root/admin rechten) - Toegang tot systeemgegevens - Verhogen van rechten Van de SIPORT Desktop Client Application meldt Siemens dat deze verouderd is en niet voorzien van moderne beveiligingsmaatregelen. Siemens geeft aan deze ook niet meer in te bouwen en het onderhoud op de Desktop Client te stoppen. Siemens adviseert om over te schakelen naar de modernere web-management-omgeving. Wel heeft Siemens mitigerende maatregelen gepubliceerd in een Security Bulletin, om het risico zoveel als mogelijk te beperken tot de migratie is afgerond en de vaste Desktop Clients zijn uitgefaseerd. Voor succesvol misbruik van de genoemde kwetsbaarheden moet de kwaadwillende toegang hebben tot de productie-omgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.

Oplossingen

Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-121

Stack-based Buffer Overflow

CWE-122

Heap-based Buffer Overflow

CWE-125

Out-of-bounds Read

CWE-427

Uncontrolled Search Path Element

CWE-787

Out-of-bounds Write

CWE-862

Missing Authorization

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als Desigo, NX, Polarion, SENTRON, Simcenter, SINEC, SIPORT, Siveillance, Solid Edge,",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (root/admin rechten)\n- Toegang tot systeemgegevens\n- Verhogen van rechten\n\nVan de SIPORT Desktop Client Application meldt Siemens dat deze verouderd is en niet voorzien van moderne beveiligingsmaatregelen. Siemens geeft aan deze ook niet meer in te bouwen en het onderhoud op de Desktop Client te stoppen. Siemens adviseert om over te schakelen naar de modernere web-management-omgeving. Wel heeft Siemens mitigerende maatregelen gepubliceerd in een Security Bulletin, om het risico zoveel als mogelijk te beperken tot de migratie is afgerond en de vaste Desktop Clients zijn uitgefaseerd.\n\nVoor succesvol misbruik van de genoemde kwetsbaarheden moet de kwaadwillende toegang hebben tot de productie-omgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Uncontrolled Search Path Element",
        "title": "CWE-427"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-035571.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-311973.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-445819.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-507364.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-535115.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-625934.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-965753.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssb-491780.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Siemens producten",
    "tracking": {
      "current_release_date": "2026-02-10T12:27:40.637581Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0051",
      "initial_release_date": "2026-02-10T12:27:40.637581Z",
      "revision_history": [
        {
          "date": "2026-02-10T12:27:40.637581Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Cpu 1518F-4 Pn/Dp Mfp Firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC family V6"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC family V7"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC family V8"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC family V9"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "NX"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": "PS/IGES Parasolid Translator Component"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-8"
                }
              }
            ],
            "category": "product_name",
            "name": "Polarion V2404"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-9"
                }
              }
            ],
            "category": "product_name",
            "name": "Polarion V2410"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-10"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-11"
                }
              }
            ],
            "category": "product_name",
            "name": "SENTRON Powermanager V6"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-12"
                }
              }
            ],
            "category": "product_name",
            "name": "SENTRON Powermanager V7"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-13"
                }
              }
            ],
            "category": "product_name",
            "name": "SENTRON Powermanager V8"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-14"
                }
              }
            ],
            "category": "product_name",
            "name": "SENTRON Powermanager V9"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-15"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-16"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-0DA00)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-17"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-0DA10)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-18"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-0DA20)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-19"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-0DA30)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-20"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-1EA10)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-21"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-1EA20)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-22"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC RTLS Locating Manager (6GT2780-1EA30)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-23"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-24"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-25"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-26"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-27"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-28"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-29"
                }
              }
            ],
            "category": "product_name",
            "name": "SINEC NMS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-30"
                }
              }
            ],
            "category": "product_name",
            "name": "SINEC Network Management System"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-31"
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-32"
                }
              }
            ],
            "category": "product_name",
            "name": "Simcenter Femap"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-33"
                }
              }
            ],
            "category": "product_name",
            "name": "Simcenter Nastran"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-34"
                }
              }
            ],
            "category": "product_name",
            "name": "Siveillance Video V2022 R3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-35"
                }
              }
            ],
            "category": "product_name",
            "name": "Siveillance Video V2023 R1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-36"
                }
              }
            ],
            "category": "product_name",
            "name": "Siveillance Video V2023 R2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-37"
                }
              }
            ],
            "category": "product_name",
            "name": "Siveillance Video V2023 R3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-38"
                }
              }
            ],
            "category": "product_name",
            "name": "Siveillance Video V2024 R1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-39"
                }
              }
            ],
            "category": "product_name",
            "name": "Siveillance Video V2025"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-40"
                }
              }
            ],
            "category": "product_name",
            "name": "Solid Edge"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-41"
                }
              }
            ],
            "category": "product_name",
            "name": "User Management Component (UMC)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-38545",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Recent updates across macOS, iOS, Oracle products, and Curl address multiple security vulnerabilities, including high-severity issues that could lead to remote code execution and data compromise.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38545 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38545.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2023-38545"
    },
    {
      "cve": "CVE-2025-0836",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "A vulnerability in Milestone Systems XProtect VMS allows users with read-only access to the Management Server to obtain full read/write access to the MIP Webhooks API.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-0836 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-0836.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2025-0836"
    },
    {
      "cve": "CVE-2025-40587",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "A vulnerability in Polarion versions prior to V2404.5 and V2410.2 allows authenticated remote attackers to execute stored cross-site scripting attacks via arbitrary JavaScript code in document titles.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40587 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40587.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2025-40587"
    },
    {
      "cve": "CVE-2025-40936",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A vulnerability in the PS/IGES Parasolid Translator Component and Solid Edge allows for an out of bounds read when parsing specially crafted IGS files, potentially enabling application crashes or code execution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40936 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40936.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2025-40936"
    },
    {
      "cve": "CVE-2026-22923",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "A data validation vulnerability in NX (versions \u003c V2512) allows local attackers to manipulate internal data during PDF export, potentially leading to arbitrary code execution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-22923 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-22923.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-22923"
    },
    {
      "cve": "CVE-2026-23715",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A vulnerability in Simcenter Femap and Simcenter Nastran (versions \u003c V2512) allows for an out of bounds write when parsing specially crafted XDB files, potentially enabling code execution by an attacker.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23715 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23715.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-23715"
    },
    {
      "cve": "CVE-2026-23716",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A vulnerability in Simcenter Femap and Simcenter Nastran (versions \u003c V2512) allows code execution due to an out of bounds read when parsing specially crafted XDB files.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23716 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23716.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-23716"
    },
    {
      "cve": "CVE-2026-23717",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A vulnerability in Simcenter Femap and Simcenter Nastran (versions \u003c V2512) allows attackers to execute code through an out of bounds read when processing specially crafted XDB files.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23717 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23717.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-23717"
    },
    {
      "cve": "CVE-2026-23718",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A vulnerability in Simcenter Femap and Simcenter Nastran (versions \u003c V2512) allows attackers to execute code through an out of bounds read when processing specially crafted NDB files.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23718 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23718.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-23718"
    },
    {
      "cve": "CVE-2026-23719",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "A vulnerability in Simcenter Femap and Simcenter Nastran (versions \u003c V2512) allows for a heap-based buffer overflow when parsing specially crafted NDB files, potentially enabling code execution by an attacker.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23719 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23719.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-23719"
    },
    {
      "cve": "CVE-2026-23720",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A vulnerability in Simcenter Femap and Simcenter Nastran (versions \u003c V2512) allows attackers to execute code through an out of bounds read when processing specially crafted NDB files.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23720 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23720.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-23720"
    },
    {
      "cve": "CVE-2026-25655",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        },
        {
          "category": "description",
          "text": "A vulnerability in SINEC NMS (versions \u003c V4.0 SP2) allows low-privileged users to modify a configuration file, potentially enabling arbitrary code execution with administrative privileges via malicious DLLs.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25655 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25655.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-25655"
    },
    {
      "cve": "CVE-2026-25656",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        },
        {
          "category": "description",
          "text": "A vulnerability in SINEC NMS allows low-privileged users to modify a configuration file, potentially enabling arbitrary code execution with SYSTEM privileges via malicious DLLs.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25656 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25656.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41"
          ]
        }
      ],
      "title": "CVE-2026-25656"
    }
  ]
}

SSA-965753

Vulnerability from csaf_siemens - Published: 2026-02-10 00:00 - Updated: 2026-02-10 00:00

Summary

SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512

Notes

Summary

Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens has released new versions for the affected products and recommends to update to the latest versions.

General Recommendations

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-965753.html"
      },
      {
        "category": "self",
        "summary": "SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-965753.json"
      }
    ],
    "title": "SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512",
    "tracking": {
      "current_release_date": "2026-02-10T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-965753",
      "initial_release_date": "2026-02-10T00:00:00Z",
      "revision_history": [
        {
          "date": "2026-02-10T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "interim",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c2512",
                "product": {
                  "name": "Simcenter Femap",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "Simcenter Femap"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c2512",
                "product": {
                  "name": "Simcenter Nastran",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "Simcenter Nastran"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23715",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not open untrusted XDB files in affected applications",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.sw.siemens.com/product/275652363/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/289054037/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2026-23715"
    },
    {
      "cve": "CVE-2026-23716",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not open untrusted XDB files in affected applications",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.sw.siemens.com/product/275652363/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/289054037/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2026-23716"
    },
    {
      "cve": "CVE-2026-23717",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not open untrusted XDB files in affected applications",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.sw.siemens.com/product/275652363/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/289054037/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2026-23717"
    },
    {
      "cve": "CVE-2026-23718",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not open untrusted XDB files in affected applications",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.sw.siemens.com/product/275652363/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/289054037/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2026-23718"
    },
    {
      "cve": "CVE-2026-23719",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not open untrusted NDB files in affected applications",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.sw.siemens.com/product/275652363/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/289054037/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2026-23719"
    },
    {
      "cve": "CVE-2026-23720",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Do not open untrusted NDB files in affected applications",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.sw.siemens.com/product/275652363/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/289054037/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2026-23720"
    }
  ]
}

GHSA-95HC-WCGC-F5R7

Vulnerability from github – Published: 2026-02-10 12:30 – Updated: 2026-02-10 12:30

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 (High)


                  
                    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-23717"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T10:15:58Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in Simcenter Femap (All versions \u003c V2512), Simcenter Nastran (All versions \u003c V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.",
  "id": "GHSA-95hc-wcgc-f5r7",
  "modified": "2026-02-10T12:30:27Z",
  "published": "2026-02-10T12:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23717"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-965753.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

FKIE_CVE-2026-23717

Vulnerability from fkie_nvd - Published: 2026-02-10 10:15 - Updated: 2026-02-11 18:24

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-965753.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	siemens	simcenter_femap	*
	siemens	simcenter_nastran	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0DE036D-8721-4DDF-9459-5735606CF324",
              "versionEndExcluding": "2512.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simcenter_nastran:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "308A9F5D-48A7-4AEA-B2C9-BAFF947244DB",
              "versionEndExcluding": "2512.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in Simcenter Femap (All versions \u003c V2512), Simcenter Nastran (All versions \u003c V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process."
    }
  ],
  "evaluatorComment": "i AG",
  "id": "CVE-2026-23717",
  "lastModified": "2026-02-11T18:24:15.437",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "PASSIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-10T10:15:58.567",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-965753.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-23717 (GCVE-0-2026-23717)

NCSC-2026-0051

SSA-965753

GHSA-95HC-WCGC-F5R7

FKIE_CVE-2026-23717

Tags

Sightings

Nomenclature