Description
Siemens Simcenter Femap contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process.
Problem types
CWE-122 Heap-based buffer overflow
Product status
Any version before V2512.0003
V2512.0003
Credits
Siemens thanks TrendAI Zero Day Initiative for coordinated disclosure
References
cert-portal.siemens.com/productcert/html/ssa-870926.html
cert-portal.siemens.com/productcert/html/ssa-870926.html
www.cisa.gov/news-events/ics-advisories/icsa-26-134-05
github.com/...p/csaf_files/OT/white/2026/icsa-26-134-05.json