CVE-2025-12659

HIGH

Heap-based buffer overflow in Siemens Simcenter Femap

Title source: cna
STIX 2.1

Description

Siemens Simcenter Femap contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process.

Scores

CVSS v3 7.8
EPSS 0.0020
EPSS Percentile 10.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-122
Status published
Products (2)
Siemens/Simcenter Femap < V2512.0003
Siemens/Simcenter Femap V2512.0003
Published May 12, 2026
Tracked Since May 12, 2026