Siemens Analytics Toolkit
Severity: Medium · Kind: Advisory
We've ingested this item but haven't summarised it yet. Read the upstream advisory using the link below in the meantime — the AI summary will appear here once the next run completes.
From the source
View CSAF Summary Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens Analytics Toolkit are affected: Siemens Software Center vers:intdot/<3.5.8.2 (CVE-2025-40745) Simcenter 3D vers:intdot/<2506.6000 (CVE-2025-40745) Simcenter Femap vers:intdot/<2506.0002 (CVE-2025-40745) Simcenter STAR-CCM+ vers:intdot/<2602 (CVE-2025-40745) Solid Edge SE2025 Solid Edge SE2026 Tecnomatix Plant Simulation vers:intdot/<2504.0008 (CVE-2025-40745) CVSS Vendor Equipment Vulnerabilities v3 3.7 Siemens Siemens Analytics Toolkit Improper Certificate Validation Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany Vulnerabilities Expand All + CVE-2025-40745 Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks. View CVE Details Affected Products Siemens Analytics Toolkit Vendor: Siemens Product Version: Siemens Software Center, Simcenter 3D, Simcenter Femap, Simcenter STAR-CCM+, Solid Edge SE2025, Solid Edge SE2026, Tecnomatix Plant Simulation Product Status: known_affected Remediations Ve
Was this useful?
Plain-English summaries are AI-generated and reviewed for tone, not technical accuracy. For incident response, always rely on the original source linked above.