CVE Alert: CVE-2025-40811 – Siemens – Solid Edge SE2024

CVE-2025-40811

Severity: HIGH | No exploitation known

A vulnerability has been identified in Solid Edge SE2024 (all versions < V224.0 Update 14) and Solid Edge SE2025 (all versions < V225.0 Update 6). The affected applications contain an out-of-bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.

CVSS v3.1: 7.8
Vendor: Siemens
Product: Solid Edge SE2024, Solid Edge SE2025
Versions: < V224.0 Update 14 | < V225.0 Update 6
CWE: CWE-125: Out-of-bounds Read
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Published: 2025-10-14T09:15:29.918Z
Updated: 2025-10-14T19:04:17.527Z

AI Summary Analysis

Risk verdict

High risk overall. There is no current exploitation flag (SSVC exploitation state: none) and no KEV entry, but the potential for code execution after a single user interaction (opening a file) warrants urgent remediation.

Why this matters

Engineering and manufacturing environments that rely on Solid Edge CAD are exposed whenever users open crafted PRT files. A successful trigger compromises the running Solid Edge process, putting CAD data integrity at risk and enabling broader impact if the attacker then leverages the user's credentials or network access.

Most likely attack path

The attack vector is local (AV:L) and requires user interaction (UI:R): an attacker must get a malicious PRT file onto the system and have a user open it in Solid Edge. Parsing the file can trigger the out-of-bounds read, causing a crash or code execution inside the Solid Edge process; what the attacker can then reach depends on the rights of the user running the application.

Who is most exposed

Sites with widespread Solid Edge deployments, particularly in design, engineering, and manufacturing offices, where sharing CAD files and external attachments is routine, are most at risk.

Detection ideas

  • Crashes or memory-corruption faults in Solid Edge immediately after a PRT file is opened.
  • Crash dumps whose stack traces point into the PRT file-parsing code paths.
  • Application logs showing failed PRT parsing or other anomalous file-handling events.
  • Suspicious email or file-sharing activity delivering PRT attachments from external senders.
  • Unusual process memory growth in Solid Edge during file import.

Mitigation and prioritisation

  • Apply the fixed releases: SE2024 V224.0 Update 14 or SE2025 V225.0 Update 6.
  • Restrict opening of PRT files from external sources; use application allow-listing or sandboxed workstations for CAD workflows.
  • Run Solid Edge under least-privilege user accounts; consider dedicated CAD workstations separated from other business systems.
  • Enable OS-level exploit mitigations and memory protections for the Solid Edge process, keep regular backups of CAD data, and verify the patch in staging before broad deployment.
  • If patching lags, keep the compensating controls above in place and brief users on handling CAD files received from outside the organisation.
