Out of Bounds Write Vulnerability in Simcenter Femap by Siemens
CVE-2025-40762

7.3HIGH

Key Information:

Vendor: Siemens
Status: Simcenter Femap V2406; Simcenter Femap V2412
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-40762?

A security issue has been discovered in Simcenter Femap versions prior to V2406.0003 and V2412.0002. The vulnerability arises from improper handling of specially crafted STP files, which could lead to an out of bounds write condition. This flaw can allow attackers to execute arbitrary code within the application context, potentially compromising system integrity. Users are advised to update their software to mitigate associated risks.

Affected Version(s)

Simcenter Femap V2406 0

Simcenter Femap V2412 0

References

https://cert-portal.siemens.com/productcert/html/ssa-6740...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Apr 16, 2025