Data Validation Vulnerability in NX Before V2512
Plan Patch7.8SSA-535115Feb 10, 2026
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
Siemens NX versions before 2512 contain a missing data validation vulnerability in the PDF export function. An attacker with local access to a compromised system could manipulate internal data during PDF export operations to achieve arbitrary code execution with the privileges of the NX application.
What this means
What could happen
An attacker with local access to a machine running NX could tamper with internal data during PDF export operations and potentially execute arbitrary code with the privileges of the NX application.
Who's at risk
NX users in manufacturing, automotive, and aerospace engineering environments should prioritize this update. Affected systems include engineering workstations running NX for CAD/CAM design and NX Managed Mode deployments.
How it could be exploited
An attacker must first gain local access to a workstation running NX (e.g., through a compromised account or physical access). The attacker then manipulates internal data structures during a PDF export operation, exploiting the missing validation to inject malicious code that executes when the export process completes.
Prerequisites
- Local access to the NX workstation or account
- NX running a vulnerable version (< 2512)
- User must perform a PDF export operation while attacker has code execution capability
local access requiredhigh impact (confidentiality, integrity, availability)affects engineering design toolsrequires user interaction (PDF export)
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
NX< 25122512
NX (Managed Mode)< 25122512
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate NX to version 2512 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/fd84f9cd-f2ba-4464-bc87-166c62abff40