Code Injection Vulnerability in Teamcenter Products by Siemens
CVE-2026-33862

8.5HIGH

Key Information:

Vendor: Siemens
Status: Teamcenter V2312; Teamcenter V2406; Teamcenter V2412; Teamcenter V2506
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-33862?

A security flaw has been identified in various versions of Teamcenter software by Siemens. The vulnerability arises from improper encoding and filtering of user-supplied data, which may allow attackers to inject malicious code. Such an exploitation could potentially enable an attacker to execute harmful scripts when other users access the affected pages. Organizations utilizing any of the specified Teamcenter versions should take immediate action to mitigate this risk.

Affected Version(s)

Teamcenter V2312 0

Teamcenter V2406 0

Teamcenter V2412 0

References

https://cert-portal.siemens.com/productcert/html/ssa-8273...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Mar 24, 2026

CVE-2026-33862 Data

JSON