Full Report
Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in the PRT format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released new versions for the affected products and recommends updating to the latest versions.
Analysis Summary
# Vulnerability: Multiple File Parsing Vulnerabilities in Siemens Solid Edge
## CVE Details
- CVE ID: CVE-2025-40809, CVE-2025-40810, CVE-2025-40811, CVE-2025-40812
- CVSS Score: 7.8 (CVSS v3.1 Base Score) / 7.3 (CVSS v4.0 Base Score); severity: High
- CWE: CWE-787 (Out-of-bounds Write) for 40809/40810; CWE-125 (Out-of-bounds Read) for 40811/40812
## Affected Systems
- Products: Solid Edge SE2024, Solid Edge SE2025
- Versions:
  - SE2024: All versions prior to V224.0 Update 14
  - SE2025: All versions prior to V225.0 Update 6
- Configurations: Triggered when the application reads specially crafted PRT files.
## Vulnerability Description
Multiple heap-based buffer vulnerabilities exist within the file parsing logic of Solid Edge when handling the PRT file format. Specifically, CVE-2025-40809 and CVE-2025-40810 are *Out-of-bounds Write* vulnerabilities, while CVE-2025-40811 and CVE-2025-40812 are *Out-of-bounds Read* vulnerabilities. Exploitation requires processing a malicious PRT file. Successful exploitation can lead to application crashes or arbitrary code execution within the context of the current process.
## Exploitation
- Status: No details regarding active exploitation in the wild are provided; treated as a potential risk.
- Complexity: CVSS vectors suggest Low Attack Complexity (AC:L in v3.1) for the vulnerability trigger, but High Attack Complexity (AC:H in v4.0). The required user interaction (UI:R/UI:P) indicates an attacker needs to trick a user into opening the file.
- Attack Vector: Local (AV:L) - implies the attacker must deliver the malicious file locally (e.g., via email attachment or file transfer, not direct network access to the tool itself).
## Impact
- Confidentiality: High (C:H)
- Integrity: High (I:H)
- Availability: High (A:H)
*(Based on potential for arbitrary code execution leading to system compromise)*
## Remediation
### Patches
Customers must update to the version that includes the fixes for all listed CVEs:
- Solid Edge SE2024: Update to **V224.0 Update 14 or later**.
- Solid Edge SE2025: Update to **V225.0 Update 6 or later**.
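
An added example (not from Siemens or the original page) that triages a software inventory against the fixed versions listed above. The inventory layout and hostnames are assumptions, and version strings are assumed to follow the advisory's own "V224.0 Update 14" notation; anything else is flagged for manual review rather than guessed.

```python
import re

# Fixed baselines taken from the advisory text: release -> (product, first fixed update).
FIXED_UPDATE = {"224.0": ("Solid Edge SE2024", 14), "225.0": ("Solid Edge SE2025", 6)}

# Matches the advisory's notation, e.g. "V224.0 Update 14"; a bare "V225.0"
# is treated as the base release (update 0).
VERSION_RE = re.compile(r"^\s*V?(\d+\.\d+)(?:\s+Update\s+(\d+))?\s*$", re.IGNORECASE)

def classify(version_string):
    """Return (status, detail); status is 'vulnerable', 'fixed',
    'not_listed' or 'unparsed'."""
    m = VERSION_RE.match(version_string or "")
    if not m:
        return "unparsed", "review manually"
    release, update = m.group(1), int(m.group(2) or 0)
    if release not in FIXED_UPDATE:
        return "not_listed", f"release V{release} is not named in the advisory"
    product, fixed = FIXED_UPDATE[release]
    if update < fixed:
        return "vulnerable", f"{product}: update to V{release} Update {fixed} or later"
    return "fixed", f"{product}: at or above V{release} Update {fixed}"

def triage(inventory):
    """inventory: iterable of (host, version_string). Returns rows needing action:
    vulnerable installs plus version strings that could not be parsed."""
    findings = []
    for host, version in inventory:
        status, detail = classify(version)
        if status in ("vulnerable", "unparsed"):
            findings.append((host, version, status, detail))
    return findings

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("cad-ws-01", "V224.0 Update 13"),
    ("cad-ws-02", "V224.0 Update 14"),
    ("cad-ws-03", "V225.0"),
    ("cad-ws-04", "v225.0 update 6"),
    ("cad-ws-05", "2025 MP6"),
    ("cad-ws-06", "V223.0 Update 15"),
]

if __name__ == "__main__":
    for host, version, status, detail in triage(SAMPLE_INVENTORY):
        print(f"{host:10} {version:18} {status:10} {detail}")
```
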
### Workarounds
The primary workaround provided targets all four CVEs:
- **Do not open untrusted PRT files** in affected Solid Edge applications.
## Detection
- Detection methods specific to these vulnerabilities (e.g., specific memory corruption signature triggers) are not provided in the summary.
- **Mitigation focus:** Monitor user activity regarding the opening of unknown or untrusted PRT files.
- General security recommendations from Siemens regarding network access protection should be followed.
## References
- Vendor Advisories: Siemens Security Advisory SSA-541582
- Relevant links - defanged:
  - Siemens ProductCERT Portal (General): hxxps://www.siemens.com/cert/advisories
  - Siemens Operational Guidelines: hxxps://www.siemens.com/cert/operational-guidelines-industrial-security
  - Support Link for Patches: hxxps://support.sw.siemens.com/product/246738425/