PT-2025-10736 · Siemens · Tecnomatix Plant Simulation

Published

2025-03-11

Updated

2025-03-11

CVE-2025-25267

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Tecnomatix Plant Simulation versions prior to V2302.0021 Tecnomatix Plant Simulation versions prior to V2404.0010

Description The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.

Recommendations For versions prior to V2302.0021, update to V2302.0021 or later to resolve the issue. For versions prior to V2404.0010, update to V2404.0010 or later to resolve the issue.

Fix

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-552

Related Identifiers

BDU:2025-02894

CVE-2025-25267

Affected Products

Tecnomatix Plant Simulation

PT-2025-10736 · Siemens · Tecnomatix Plant Simulation

CVE-2025-25267

Weakness Enumeration

Related Identifiers

Affected Products

References · 6