Siemens Solid Edge

Plan Patch7.8ICS-CERT ICSA-25-191-02Jul 8, 2025

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Solid Edge SE2025 contains multiple file parsing vulnerabilities in PAR and CFG file handling that could allow an attacker to crash the application or execute arbitrary code. The vulnerabilities are triggered when a user opens a specially crafted file. Siemens has released version 225.0 Update 5 to address these issues. No remote exploitation is possible; the attacker must trick a user into opening a malicious file.

What this means

What could happen

An attacker who tricks a user into opening a specially crafted design file (PAR or CFG format) in Solid Edge could crash the application or run arbitrary code on the engineering workstation, potentially compromising the design data and manufacturing parameters used in production.

Who's at risk

Design and manufacturing engineers using Siemens Solid Edge SE2025 on engineering workstations should be aware of this risk. This affects organizations in manufacturing, aerospace, automotive, and heavy equipment sectors that rely on Solid Edge for CAD and design work. The vulnerability requires user interaction, so it is primarily a risk to engineers and designers who may receive malicious files via email or file sharing.

How it could be exploited

An attacker sends a malicious PAR or CFG file to an engineer or designer via email or file sharing. When the engineer opens the file in Solid Edge, the application's file parser processes the specially crafted data, triggering a buffer overflow or similar memory corruption issue that allows the attacker to execute code with the privileges of the user running Solid Edge.

Prerequisites

User interaction required—engineer or designer must open the malicious file in Solid Edge
The affected user must have write or design access to files (normal for CAD operators)
File must be in PAR or CFG format that Solid Edge accepts

Requires user interaction (file must be opened)Low attack complexityAffects design and manufacturing documentationDefault behavior allows file parsing without additional warnings

Exploitability

Low exploit probability (EPSS 0.0%)

Affected products (1)

ProductAffected VersionsFix Status

Solid Edge SE2025<V225.0 Update 5225.0 Update 5

Remediation & Mitigation

0/5

Do now

0/2

WORKAROUNDDo not open PAR files from untrusted sources (email, external file shares, unknown contacts)

WORKAROUNDDo not open CFG files from untrusted sources

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Solid Edge SE2025 to version 225.0 Update 5 or later

Long-term hardening

0/2

HARDENINGEducate engineering staff to verify the source and legitimacy of design files before opening them, especially unsolicited files

HARDENINGImplement network segmentation to isolate engineering workstations from internet-facing networks and restrict email attachment types at the gateway

CVEs (3)

CVE-2025-40739 CVE-2025-40740 CVE-2025-40741

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/17b3eb36-e32f-4606-a7eb-4126891e217e