Untrusted Search Path Vulnerability in Siemens COMOS, Simcenter and Solid Edge Products
CVE-2025-40945
8.5HIGH
Key Information:
- Vendor
Siemens
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2025-40945?
A vulnerability exists in various Siemens software, including COMOS and Simcenter products, due to an untrusted search path in the IAM Client SDK. This flaw allows authenticated users to potentially escalate their privileges within the system through local access, posing significant security risks. Users and administrators should apply necessary updates to mitigate these risks.
Affected Version(s)
COMOS V10.4.5 0
COMOS V10.6 0
Designcenter NX 0