Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-32454

CVSS 7.8 · High EPSS 0.06% · P18
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-32454

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.14), Teamcenter Visualization V2312 (All versions < V2312.0010), Teamcenter Visualization V2406 (All versions < V2406.0008), Teamcenter Visualization V2412 (All versions < V2412.0004), Tecnomatix Plant Simulation V2404 (All versions < V2404.0013). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存读
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens Teamcenter Visualization 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens Teamcenter Visualization是德国西门子(Siemens)公司的一个可为设计2D、3D场景提供团队协作功能的软件。该软件通过从多种机械计算机辅助设计(MCAD)格式创建虚拟原型,可简化了工程和制造流程。 Siemens Teamcenter Visualization存在缓冲区错误漏洞,该漏洞源于解析特制WRL文件时越界读取,可能导致执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensTeamcenter Visualization V14.3 0 ~ V14.3.0.14 -
SiemensTeamcenter Visualization V2312 0 ~ V2312.0010 -
SiemensTeamcenter Visualization V2406 0 ~ V2406.0008 -
SiemensTeamcenter Visualization V2412 0 ~ V2412.0004 -
SiemensTecnomatix Plant Simulation V2404 0 ~ V2404.0013 -

II. Public POCs for CVE-2025-32454

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-32454

登录查看更多情报信息。

Same Patch Batch · Siemens · 2025-05-13 · 36 CVEs total

CVE-2025-2638910.0 CRITICALSiemens OZW672 操作系统命令注入漏洞
CVE-2025-324699.9 CRITICALsiemens多款产品 安全漏洞
CVE-2025-330249.9 CRITICALSiemens多款产品 安全漏洞
CVE-2025-330259.9 CRITICALSiemens多款产品 安全漏洞
CVE-2025-263909.8 CRITICALSiemens OZW672和Siemens OZW772 SQL注入漏洞
CVE-2025-319308.8 HIGHSiemens VersiCharge AC Series 安全漏洞
CVE-2025-405668.8 HIGHSiemens SIMATIC PCS neo 代码问题漏洞
CVE-2025-405827.8 HIGHSiemens SCALANCE LPE9403 操作系统命令注入漏洞
CVE-2025-405747.8 HIGHSiemens SCALANCE LPE9403 安全漏洞
CVE-2025-301757.5 HIGHSiemens多款产品 缓冲区错误漏洞
CVE-2024-238157.5 HIGHSiemens Desigo CC 访问控制错误漏洞
CVE-2025-240077.5 HIGHSiemens SIRIUS 3RK3 Modular Safety System和Siemens SIRIUS Safety Relays 3SK2 加密问题漏洞
CVE-2025-301747.5 HIGHSiemens多款产品 缓冲区错误漏洞
CVE-2025-301767.5 HIGHSiemens多款产品 缓冲区错误漏洞
CVE-2025-405817.1 HIGHSiemens SCALANCE LPE9403 安全漏洞
CVE-2025-405796.7 MEDIUMSiemens SCALANCE LPE9403 安全漏洞
CVE-2025-405806.7 MEDIUMSiemens SCALANCE LPE9403 安全漏洞
CVE-2025-405566.5 MEDIUMSiemens BACnet ATEC 输入验证错误漏洞
CVE-2024-514446.5 MEDIUMSiemens Polarion SQL注入漏洞
CVE-2024-514456.5 MEDIUMSiemens Polarion 代码问题漏洞

Showing top 20 of 36 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Teamcenter Visualization V14.3
Same vendor: Siemens
Same weakness: CWE-125

V. Comments for CVE-2025-32454

No comments yet

Leave a comment