Siemens Products Improper Certificate Validation Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

A vulnerability exists in multiple Siemens applications, including Siemens Software Center, Simcenter 3D, Simcenter Femap, Simcenter STAR-CCM+, Solid Edge SE2025, Solid Edge SE2026, and Tecnomatix Plant Simulation. All versions prior to the latest updates are affected. The vulnerability arises from improper validation of client certificates when connecting to the Analytics Service endpoint, potentially allowing an unauthenticated remote attacker to conduct man-in-the-middle attacks.

Impact

Exploitation of this vulnerability could lead to man-in-the-middle attacks, allowing an attacker to intercept and potentially alter communications between the client and the Analytics Service endpoint.

Remediation

Users are advised to update to the latest versions of the affected products. Specific update instructions can be found on the Siemens Support website.

Added: Apr 14, 2026, 9:34 AM
Updated: Apr 14, 2026, 9:34 AM

Vulnerability Rating

Custom Algorithm
spread: 4.2
impact: 3.1
exploitability: 4.3
remediation: 7.7
relevance: 5.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.