Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-25267

CVSS 6.2 · Medium EPSS 0.10% · P26
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-25267

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对外部实体的文件或目录可访问
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens Tecnomatix Plant Simulation 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens Tecnomatix Plant Simulation是德国西门子(Siemens)公司的一个工控设备。利用离散事件仿真的强大功能进行生产量分析和优化,进而改善制造系统性能。 Siemens Tecnomatix Plant Simulation V2302版本和V2404版本存在安全漏洞,该漏洞源于未正确限制模拟模型可访问文件范围,可能导致系统机密性受损。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensTecnomatix Plant Simulation V2302 0 ~ V2302.0021 -
SiemensTecnomatix Plant Simulation V2404 0 ~ V2404.0010 -

II. Public POCs for CVE-2025-25267

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-25267

登录查看更多情报信息。

Same Patch Batch · Siemens · 2025-03-11 · 24 CVEs total

CVE-2024-563369.8 CRITICALSiemens SINAMICS S200 授权问题漏洞
CVE-2025-274949.1 CRITICALSiemens SiPass Integrated 输入验证错误漏洞
CVE-2025-273968.8 HIGHSiemens SCALANCE LPE9403 安全漏洞
CVE-2024-561818.2 HIGHSiemens SIMATIC 缓冲区错误漏洞
CVE-2025-274938.2 HIGHSiemens SiPass Integrated 输入验证错误漏洞
CVE-2024-561828.2 HIGHSiemens SIMATIC 缓冲区错误漏洞
CVE-2025-233977.8 HIGHSiemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞
CVE-2025-233987.8 HIGHSiemens Teamcenter 缓冲区错误漏洞
CVE-2025-233997.8 HIGHSiemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞
CVE-2025-234007.8 HIGHSiemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞
CVE-2025-234017.8 HIGHSiemens Teamcenter 缓冲区错误漏洞
CVE-2025-234027.8 HIGHSiemens Teamcenter 资源管理错误漏洞
CVE-2025-274387.8 HIGHSiemens Teamcenter 缓冲区错误漏洞
CVE-2025-233967.8 HIGHSiemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞
CVE-2025-273937.2 HIGHSiemens SCALANCE LPE9403 操作系统命令注入漏洞
CVE-2025-273957.2 HIGHSiemens SCALANCE LPE9403 路径遍历漏洞
CVE-2025-273947.2 HIGHSiemens SCALANCE LPE9403 操作系统命令注入漏洞
CVE-2025-273927.2 HIGHSiemens SCALANCE LPE9403 操作系统命令注入漏洞
CVE-2025-252666.8 MEDIUMSiemens Tecnomatix Plant Simulation 安全漏洞
CVE-2024-522855.3 MEDIUMSiemens SiPass Integrated 访问控制错误漏洞

Showing top 20 of 24 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Tecnomatix Plant Simulation V2302
Same vendor: Siemens
Same weakness: CWE-552

V. Comments for CVE-2025-25267

No comments yet

Leave a comment