Siemens Solid Edge

Plan PatchCVSS 7.8ICS-CERT ICSA-25-191-02Jul 8, 2025

Siemens

Attack path

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Solid Edge SE2025 contains multiple file parsing vulnerabilities in PAR and CFG file format handlers that could allow an attacker to crash the application or execute arbitrary code when a user opens a specially crafted file.

What this means

What could happen

An attacker could crash Solid Edge or execute arbitrary code on an engineering workstation if a user opens a malicious PAR or CFG file, potentially compromising the design environment and allowing access to sensitive CAD models or project data.

Who's at risk

Engineering and design teams using Solid Edge SE2025 for CAD modeling are affected. This is particularly relevant to organizations in manufacturing, industrial design, and process engineering that rely on Solid Edge workstations for creating and modifying design files.

How it could be exploited

An attacker would need to craft a malicious PAR or CFG file and trick a Solid Edge user into opening it. Since the vulnerability requires user interaction (file opening) and is not remotely exploitable, the attack vector typically involves social engineering via email or file sharing to deliver the malicious file to an engineering workstation.

Prerequisites

User interaction required: victim must open a malicious PAR or CFG file
Attacker must deliver the crafted file to the target user (via email, USB, file share, etc.)
Solid Edge SE2025 with version below V225.0 Update 5 must be installed on the workstation

requires user interactionaffects design/engineering workstationsmalicious file delivery via email or social engineering

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

Solid Edge SE2025<V225.0 Update 5225.0 Update 5

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDInstruct users not to open PAR files from untrusted sources until patched

WORKAROUNDInstruct users not to open CFG files from untrusted sources until patched

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Solid Edge SE2025 to V225.0 Update 5 or later

Long-term hardening

0/1

HARDENINGImplement email filtering and user training to reduce the likelihood of users opening malicious attachments

CVEs (3)

CVE-2025-40739 CVE-2025-40740 CVE-2025-40741

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/17b3eb36-e32f-4606-a7eb-4126891e217e

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.