CVE Alert: CVE-2025-40810 – Siemens – Solid Edge SE2024
CVE-2025-40810
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
AI Summary Analysis
Risk verdict
High risk of code execution if a user opens a crafted PRT file; currently no active exploitation reported, but apply the patch as a priority.
Why this matters
Attackers would exploit during parsing to run arbitrary code under the current user, potentially compromising the workstation and exposing IP stored in CAD data. In practice, this could disrupt engineering workflows, enable data exfiltration, or enable lateral movement if the compromised host has network access or design repositories mounted.
Most likely attack path
An adversary delivers a malicious PRT file (e.g., via email or shared folders); a user opens it, triggering the out-of-bounds write during parsing. This could lead to code execution with the user’s privileges and no required initial privileges, aided by user interaction. If the user operates with elevated rights or accesses connected design networks, movement or data access could broaden the impact.
Who is most exposed
organisations that rely on this CAD software on Windows workstations, especially where external vendors regularly exchange PRT files and design IP is high-value.
Detection ideas
- Application crashes or fault dumps from the CAD process after opening PRT files.
- Windows Event Logs showing crash events or errors tied to parsing.
- Unusual memory/CPU spikes during file import.
- New or unexpected child processes spawned during parsing.
- EDR alerts for memory corruption patterns or anomalous writes within the parsing module.
Mitigation and prioritisation
- Apply the vendor patch to the fixed release (V224.0 Update 14 / V225.0 Update 6) as soon as available.
- Enforce least-privilege usage; block automatic opening or execution of external PRT files where feasible.
- tighten file-reception controls: scan external attachments, apply DLP rules, and restrict unsigned file handling.
- Test the fix in QA first; ensure design data integrity and backup workflows are intact before broad rollout.
- Communicate a short-term workaround to affected teams if patch timing is uncertain.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
