CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27392
https://notcve.org/view.php?id=CVE-2025-27392
11 Mar 2025 — A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. • https://cert-portal.siemens.com/productcert/html/ssa-075201.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25267
https://notcve.org/view.php?id=CVE-2025-25267
11 Mar 2025 — A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system. • https://cert-portal.siemens.com/productcert/html/ssa-507653.html • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25266
https://notcve.org/view.php?id=CVE-2025-25266
11 Mar 2025 — A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict access to the file deletion functionality. This could allow an unauthorized attacker to delete files even when access to the system should be prohibited, resulting in potential data loss or unauthorized modification of system files. • https://cert-portal.siemens.com/productcert/html/ssa-507653.html • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23402
https://notcve.org/view.php?id=CVE-2025-23402
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain a use-after-free vulnerability that could be triggered while parsing spec... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23401
https://notcve.org/view.php?id=CVE-2025-23401
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds read past the end of an allocated structure while parsin... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23400
https://notcve.org/view.php?id=CVE-2025-23400
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23399
https://notcve.org/view.php?id=CVE-2025-23399
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds read past the end of an allocated structure while parsin... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23398
https://notcve.org/view.php?id=CVE-2025-23398
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23397
https://notcve.org/view.php?id=CVE-2025-23397
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23396
https://notcve.org/view.php?id=CVE-2025-23396
11 Mar 2025 — A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL... • https://cert-portal.siemens.com/productcert/html/ssa-050438.html • CWE-787: Out-of-bounds Write •