CVE Alert: CVE-2025-40812 – Siemens – Solid Edge SE2024
CVE-2025-40812
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
AI Summary Analysis
Risk verdict
High risk due to potential code execution from parsing a crafted PRT file during normal use; KEV presence and SSVC exploitation state are not provided in the data.
Why this matters
Compromise could occur within the running process with the attacker gaining the current user’s privileges, enabling data exposure or design-file tampering in CAD environments. Organisations relying on Solid Edge for design workflows and external file exchange are particularly exposed if patches are not promptly applied.
Most likely attack path
An attacker must entice a user to open or import a malicious PRT file. The vulnerability involves an out-of-bounds read during parsing, enabling code execution in the user’s context (UI: user interaction; AV: local). No privilege escalation required beyond the user’s current rights, so lateral movement would depend on subsequent access to connected systems or shares.
Who is most exposed
Engineering and design teams employing Solid Edge on Windows desktops, especially where external CAD files or partner-delivered files are commonplace and patching cycles are slow.
Detection ideas
- Crash dumps or unexpected Solid Edge terminations when opening PRT files.
- Elevated memory or CPU usage linked to PRT processing.
- Windows event logs reporting application faults or dump generation for Solid Edge.
- Unusual file-access activity around incoming PRT files from email/shares.
- EDR alerts for memory-corruption or anomalous process behaviour in Solid Edge.
Mitigation and prioritisation
- Apply the latest vendor security updates for Solid Edge as released; monitor Siemens advisories.
- Enforce least-privilege usage for CAD workstations; restrict file sources and disable automatic execution of untrusted PRT content.
- Implement application whitelisting and robust EDR coverage focused on memory-corruption indicators.
- Validate patches in a test environment before production rollout; schedule within change windows.
- If KEV is confirmed or EPSS ≥ 0.5, treat as priority 1; otherwise default to prioritise as 2.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
