CVE-2025-40744

High CVSS: 8.7

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate client certificates to connect to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.

Vendor

Product

CWE

CWE-295

Yayın Tarihi

2025-11-11 21:15:37

Güncelleme

2025-11-12 16:19:12

Source Identifier

productcert@siemens.com

KEV Date Added

Kategoriler

CWE-295 HIGH 2025

Referanslar

https://cert-portal.siemens.com/productcert/html/ssa-522291.html