OTPulse
FeedAboutContact

Siemens Solid Edge

Plan Patch7.8ICS-CERT ICSA-26-043-05Feb 10, 2026
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Siemens Solid Edge contains an out-of-bounds read vulnerability in the PS/IGES Parasolid Translator Component when processing IGS file formats. Opening a malicious IGS file could crash the application or potentially allow arbitrary code execution on the affected workstation. Siemens recommends updating to V226.00 Update 03 or later.

What this means
What could happen
An attacker could crash Solid Edge or execute arbitrary code on the engineering workstation if a user opens a malicious IGS file. This could disrupt design work or compromise the workstation used for plant configuration and control system design.
Who's at risk
Engineering teams and design departments that use Siemens Solid Edge for plant design, automation system layout, and control system configuration. This includes process engineers, mechanical designers, and electrical engineers who work on industrial automation projects.
How it could be exploited
An attacker crafts a malicious IGS (IGES) file and tricks a Solid Edge user into opening it. The PS/IGES Parasolid Translator component reads the file and attempts to access memory outside its allocated bounds, either causing the application to crash or allowing code execution on the workstation.
Prerequisites
  • User must open a malicious IGS file in Solid Edge
  • Affected version of Solid Edge must be installed (earlier than V226.00_Update_03)
affects engineering workstationsrequires user interaction (file open)could lead to code execution
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
Solid Edge<V226.00 Update 03226.00 Update 03
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Solid Edge to version V226.00 Update 03 or later
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/ca1f232c-0a66-4089-85be-870f4231d37b
Siemens Solid Edge | CVSS 7.8 - OTPulse