Siemens Simcenter Femap Out-of-Bounds Write Vulnerability in STP File Parsing Allowing Code Execution

Vulnerability

An out-of-bounds write vulnerability has been identified in Siemens Simcenter Femap versions 2406 (prior to 2406.0003) and 2412 (prior to 2412.0002). It arises when the application parses specially crafted STP files, and could enable an attacker to execute code within the context of the current process.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution in the context of the current process.

Remediation

Users are advised to update to Siemens Simcenter Femap version 2406.0003 or later, or version 2412.0002 or later. For more information, visit the Siemens Support page for Simcenter Femap.
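
To check an installation inventory against the fixed builds named above, the following added example (not part of the original advisory or any Siemens tooling) classifies version strings per release line. It assumes versions are written as "<release>.<build>", as in this advisory; the hostnames and inventory are constructed sample data.

```python
import re

# Fixed builds per release line, taken from the advisory text above.
FIXED_BUILDS = {2406: 3, 2412: 2}

# Assumption: versions are written "<release>.<build>", e.g. "2406.0003";
# a bare release such as "2412" is treated as build 0.
_VERSION_RE = re.compile(r"^\s*[vV]?(\d{4})(?:\.(\d{1,4}))?\s*$")


def classify(version):
    """Return 'affected', 'fixed', 'not-listed' or 'unparsed' for one version string."""
    m = _VERSION_RE.match(version or "")
    if not m:
        return "unparsed"
    release = int(m.group(1))
    build = int(m.group(2) or 0)
    fixed = FIXED_BUILDS.get(release)
    if fixed is None:
        # The advisory names only the 2406 and 2412 lines; do not guess for others.
        return "not-listed"
    return "affected" if build < fixed else "fixed"


def triage(inventory):
    """Map host -> status and return hosts that need patching or manual review."""
    report = {host: classify(ver) for host, ver in inventory.items()}
    action = sorted(h for h, s in report.items() if s in ("affected", "unparsed"))
    return report, action


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = {
    "cae-ws-01": "2406.0002",
    "cae-ws-02": "2406.0003",
    "cae-ws-03": "2412",
    "cae-ws-04": "2412.0002",
    "cae-ws-05": "2306.0001",
    "cae-ws-06": "unknown",
}

if __name__ == "__main__":
    report, action = triage(SAMPLE_INVENTORY)
    for host in sorted(report):
        print(f"{host}\t{SAMPLE_INVENTORY[host]}\t{report[host]}")
    print("needs action:", ", ".join(action))
```

Hosts reported as "not-listed" run a release line this advisory does not mention and should be checked against the vendor's own notice rather than assumed safe.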

Added: Aug 12, 2025, 12:26 PM
Updated: Aug 12, 2025, 2:43 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 7.5
exploitability: 4.4
remediation: 7.9
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.