Out of Bounds Read in PS/IGES Parasolid Translator Component by Siemens
CVE-2025-40936

7.3HIGH

Key Information:

Vendor: Siemens
Status: Ps/iges Parasolid Translator Component
Vendor: CVE Published:; 17 November 2025

What is CVE-2025-40936?

An out of bounds read vulnerability has been identified in the PS/IGES Parasolid Translator Component, found in all versions prior to V29.0.258. This issue arises when the application processes specially crafted IGS files, potentially leading to application crashes or unauthorized code execution within the context of the current process. It is crucial for users of affected versions to review and implement necessary security measures to mitigate this risk.

Affected Version(s)

PS/IGES Parasolid Translator Component 0

References

https://cert-portal.siemens.com/productcert/html/ssa-2416...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2025
Vulnerability Reserved
Apr 16, 2025

JSON