Siemens Simcenter Femap Out-of-Bounds Read Vulnerability in BMP File Parsing Allowing Code Execution

Vulnerability

An out-of-bounds read vulnerability has been identified in Siemens Simcenter Femap versions 2406 (prior to 2406.0003) and 2412 (prior to 2412.0002). The flaw is triggered when the application parses a specially crafted BMP file, and it could enable an attacker to execute code in the context of the current process.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution in the context of the current process.

Remediation

Users are advised to update to Simcenter Femap version 2406.0003 or later for version 2406, and to version 2412.0002 or later for version 2412. For more information, visit the Siemens Support page for Simcenter Femap.

Added: Aug 12, 2025, 12:24 PM
Updated: Aug 12, 2025, 2:41 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 7.5
exploitability: 4.4
remediation: 7.9
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.