Uninitialized Memory Vulnerability in Simcenter Femap by Siemens
CVE-2025-40829

7.3HIGH

Key Information:

Vendor: Siemens
Status: Simcenter Femap
Vendor: CVE Published:; 12 December 2025

What is CVE-2025-40829?

A vulnerability exists in Simcenter Femap due to uninitialized memory being improperly managed when parsing specially crafted SLDPRT files. This oversight may allow an attacker to potentially execute arbitrary code within the context of the affected process, leading to unauthorized actions and system compromise.

Affected Version(s)

Simcenter Femap 0

References

https://cert-portal.siemens.com/productcert/html/ssa-5129...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Dec 12, 2025
Vulnerability Reserved
Apr 16, 2025

JSON