Data Validation Vulnerability in NX by Siemens
CVE-2026-22923

7.3HIGH

Key Information:

Vendor: Siemens
Status: Nx; Nx (managed Mode)
Vendor: CVE Published:; 10 February 2026

What is CVE-2026-22923?

A data validation vulnerability exists in the NX application by Siemens, impacting all versions prior to V2512. This flaw can potentially be exploited by an attacker with local access, allowing them to manipulate internal data during the PDF export process. Such manipulation could lead to the execution of arbitrary code, posing significant security risks for users relying on this application for their design and engineering workflows.

Affected Version(s)

NX 0

NX (Managed Mode) 0

References

https://cert-portal.siemens.com/productcert/html/ssa-5351...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Jan 13, 2026

CVE-2026-22923 Data

JSON