CVE-2025-25175

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions prior to V2401.0003 Simcenter Femap versions prior to V2406.0002

Description: A memory corruption issue has been identified in the affected application while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. The issue is related to improper restriction of operations within the bounds of a memory buffer.

Recommendations: For Simcenter Femap versions prior to V2401.0003, update to version V2401.0003 or later to resolve the issue. For Simcenter Femap versions prior to V2406.0002, update to version V2406.0002 or later to resolve the issue. As a temporary workaround, consider restricting the use of .NEU files until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2025-05045

CVE-2025-25175

ZDI-25-130

ZDI-25-874

ZDI-25-875

ZDI-25-876

Affected Products

Simcenter Femap

CVE-2025-25175

Weakness Enumeration

Related Identifiers

Affected Products

References · 14