Siemens Software Center and Solid Edge

Plan Patch | CVSS 7.8 | ICS-CERT ICSA-25-317-17 | Nov 11, 2025
Siemens
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Siemens Software Center and Solid Edge are affected by a DLL hijacking vulnerability (CWE-427). An attacker with local system access could place a crafted DLL file on the system to execute arbitrary code when the application runs. No public exploitation has been reported. The vulnerability is not remotely exploitable.

What this means
What could happen
An attacker with local system access could place a malicious DLL file on the system to execute arbitrary code with the privileges of the Software Center or Solid Edge application, potentially compromising design data or disrupting CAD/engineering workflows.
Who's at risk
This vulnerability affects organizations using Siemens Software Center or Solid Edge for CAD design and engineering. Any user workstation running these tools with local system access is at risk. This is primarily an IT risk but could indirectly impact OT operations if design/engineering data is compromised or if these tools are used to configure control systems.
How it could be exploited
An attacker must first gain local access to the machine running Siemens Software Center or Solid Edge (e.g., via social engineering, physical access, or prior compromise). The attacker then places a crafted DLL file in a location where the application searches for dependencies. When the application runs and loads the malicious DLL, arbitrary code executes with the application's privileges.
Prerequisites
  • Local system access (not remotely exploitable)
  • User interaction required (the application must be launched by a user)
  • Ability to write files to a directory in the application's DLL search path
Low complexity attack | Local access required (reduces risk) | User interaction required (reduces risk) | Could lead to arbitrary code execution
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
Software Center | < 3.5 | 3.5
Solid Edge SE2025 | < V225.0 Update 10 | 225.0 Update 10
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Software Center
HOTFIX: Update Siemens Software Center to version 3.5 or later
Solid Edge SE2025
HOTFIX: Update Solid Edge SE2025 to version 225.0 Update 10 or later
Long-term hardening
HARDENING: Restrict local system access and apply principle of least privilege to user accounts running these applications
HARDENING: Educate users not to download or execute files from untrusted sources, as this is the primary attack vector for DLL hijacking
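
One way to audit the write-access prerequisite and the least-privilege hardening item on a workstation, as an added example (not code from the advisory or from Siemens): the script reports every directory among the application folder and the PATH entries where a principal other than SYSTEM, Administrators or TrustedInstaller is allowed to create files. `$AppDir` is a hypothetical placeholder, since the advisory names neither the install path nor the affected directory.

```powershell
param(
    # Hypothetical placeholder: replace with the real install folder of the application.
    [string]$AppDir = 'C:\Path\To\Application'
)

# SIDs treated as trusted writers: SYSTEM, Administrators, TrustedInstaller.
$trusted = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)

# Bits that allow dropping a file: CreateFiles/WriteData (0x2), GENERIC_ALL, GENERIC_WRITE.
$writeMask   = 0x50000002
$sidType     = [System.Security.Principal.SecurityIdentifier]
$ntType      = [System.Security.Principal.NTAccount]
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

# Application folder first, then every PATH entry (both are in the standard DLL search order).
$dirs = @($AppDir) + ($env:PATH -split ';') |
    ForEach-Object { $_.Trim().Trim('"') } |
    Where-Object { $_ -and (Test-Path -LiteralPath $_ -PathType Container) } |
    Select-Object -Unique

foreach ($dir in $dirs) {
    try   { $acl = Get-Acl -LiteralPath $dir -ErrorAction Stop }
    catch { Write-Warning "Cannot read ACL: $dir"; continue }

    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries apply to children, not to the folder itself.
        if (($ace.PropagationFlags -band $inheritOnly) -ne 0) { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }

        # Resolve the SID to a readable account name where possible.
        $name = try { $ace.IdentityReference.Translate($ntType).Value }
                catch { $ace.IdentityReference.Value }

        [pscustomobject]@{
            Directory = $dir
            Principal = $name
            Rights    = $ace.FileSystemRights
        }
    }
}
```

Any row in the output is a directory where a standard account can place a file; tighten its ACL or remove it from PATH, and re-run after applying the vendor updates.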

Siemens Software Center and Solid Edge | CVSS 7.8 - OTPulse