Access Control Vulnerability in Tecnomatix Plant Simulation by Siemens
CVE-2025-25266
7HIGH
Key Information:
- Vendor
- Siemens
- Vendor
- CVE Published:
- 11 March 2025
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation that can allow unauthorized attackers to gain access to file deletion functions. This misconfiguration may enable these attackers to delete files despite restricted access permissions, potentially leading to significant data loss or unauthorized changes to critical system files. Organizations using vulnerable versions of Tecnomatix Plant Simulation must address this issue to prevent possible data integrity breaches.
Affected Version(s)
Tecnomatix Plant Simulation V2302 0
Tecnomatix Plant Simulation V2404 0
References
CVSS V4
Score:
7
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved