DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge
CVE-2025-40827

8.5HIGH

Key Information:

Vendor: Siemens
Status: Siemens Software Center; Solid Edge Se2025
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-40827?

A DLL hijacking vulnerability has been discovered in the Siemens Software Center and Solid Edge SE2025. This security flaw affects all versions of Siemens Software Center prior to 3.5 and all versions of Solid Edge SE2025 before 225.0 Update 10. By exploiting this vulnerability, an attacker could potentially execute arbitrary code on the system by placing a specially crafted DLL file in a local directory. This threat emphasizes the importance of promptly updating and securing vulnerable products.

Affected Version(s)

Siemens Software Center 0

Solid Edge SE2025 0

References

https://cert-portal.siemens.com/productcert/html/ssa-3655...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Apr 16, 2025

JSON