Siemens NX

Plan Patch | CVSS 7.8 | ICS-CERT ICSA-26-043-08 | Feb 10, 2026
Siemens
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Siemens NX contains a missing data validation vulnerability in the PDF export process that could allow arbitrary code execution when processing specially crafted NX or CGM files. The vulnerability is triggered when a user opens an untrusted file and exports it to PDF. An attacker with local access to a compromised system could exploit this to tamper with internal data structures and achieve code execution on the engineering workstation.

What this means
What could happen
A user who opens a malicious CAD drawing file in Siemens NX could allow an attacker to run arbitrary code on the workstation during PDF export, potentially compromising the engineering environment and sensitive design data.
Who's at risk
Organizations using Siemens NX for CAD/design work, particularly in manufacturing, automotive, aerospace, and engineering firms. Engineering workstations running NX versions prior to 2512 are at risk if users open files from untrusted sources.
How it could be exploited
An attacker crafts a malicious NX file or CGM (Computer Graphics Metafile) document with tampered internal data. When a user opens and attempts to export it as PDF, the application processes the corrupted data without validation, allowing code execution on the user's workstation with the privileges of the NX application.
Prerequisites
  • Local file access (user must open the malicious file)
  • User interaction required (user must open the file and export to PDF)
  • NX version prior to 2512 must be installed
  • Requires user interaction (file must be opened)
  • Local access required
  • Low attack complexity
  • Affects engineering environment and intellectual property
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
NX | < 2512 | 2512
NX (Managed Mode) | < 2512 | 2512
Remediation & Mitigation
Do now
WORKAROUND: Do not open CGM or NX files from untrusted or external sources until the patch is applied
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Siemens NX to version 2512 or later
Long-term hardening
HARDENING: Restrict NX application usage to trusted users and implement file integrity checking for CAD files received from external parties
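
One way to implement the file integrity check named in the hardening item, as an added example that is not part of the advisory or of any Siemens tooling. It assumes the external party publishes a sha256sum-style manifest over a separate channel and that NX parts arrive as .prt files; the function names and the quarantine-inbox layout are hypothetical.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: NX parts arrive as .prt and metafiles as .cgm; adjust to local practice.
CAD_EXTENSIONS = {".prt", ".cgm"}

def sha256_file(path, chunk=1 << 20):
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        while block := handle.read(chunk):  # chunked: large assemblies stay off the heap
            digest.update(block)
    return digest.hexdigest()

def parse_manifest(text):
    """Parse sha256sum-style lines ('<64 hex>  <name>') into {name: hash}."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and len(parts[0]) == 64:
            # Keep only the base name so a manifest cannot point outside the inbox.
            entries[Path(parts[1].strip().lstrip("*")).name] = parts[0].lower()
    return entries

def check_inbox(inbox, manifest_text):
    """Classify each CAD file as verified, mismatch, unlisted, or missing."""
    expected = parse_manifest(manifest_text)
    status = {}
    for path in sorted(Path(inbox).iterdir()):
        if not path.is_file() or path.suffix.lower() not in CAD_EXTENSIONS:
            continue
        want = expected.pop(path.name, None)
        if want is None:
            status[path.name] = "unlisted"   # arrived without a published hash
        elif want == sha256_file(path):
            status[path.name] = "verified"
        else:
            status[path.name] = "mismatch"   # altered or corrupted in transit
    status.update({name: "missing" for name in expected})  # listed, never arrived
    return status

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # constructed sample data below
        (Path(tmp) / "bracket.prt").write_bytes(b"intact")
        (Path(tmp) / "layout.cgm").write_bytes(b"altered")
        manifest = (hashlib.sha256(b"intact").hexdigest() + "  bracket.prt\n"
                    + hashlib.sha256(b"original").hexdigest() + "  layout.cgm\n")
        for name, state in check_inbox(tmp, manifest).items():
            print(f"{state:9} {name}")
```

Only files reported as verified should leave the quarantine inbox for an engineering workstation. A matching hash shows the file is the one the sender published, not that it is safe to export, so the update to 2512 is still required.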