CNNVD-202512-1528 Information
CNNVD ID
CNNVD-202512-1528
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
Siemens NX等都是德国西门子(Siemens)公司的产品。Siemens NX是Siemens COMOS是一个流程工业运营管理软件。Siemens JT Bi-Directional Translator for STEP是一个数据转换工具。 Siemens多款产品存在信任管理问题漏洞,该漏洞源于缺少服务器证书验证,可能导致中间人攻击。以下产品受到影响:Siemens COMOS、JT Bi-Directional Translator for STEP、NX、Simcenter Studio、Simcenter 3D、Simcenter Femap、Simcenter System Architect和Tecnomatix Plant Simulation。
Description (English)
Siemens NX and others are products of Siemens, Germany. Siemens NX is Siemens COMOS, a process industry operating management software. Siemens JT Bi-Directal Translator for STEP is a data conversion tool. There is a trust management gap in multiple Siemens products, which stems from a lack of server certification and may lead to attacks by intermediaries. The following products were affected: Siemens COMOS, JT Bi-directal Translator for STEP, NX, Simcenter Studio, Simcenter 3D, Simcenter Femap, Simcenter System Architect and Tecnomatix Plant Simulation.
Hazard Level
Medium
Vulnerability Type
信任管理问题
Affected Vendor
西门子
Published
2025-12-09
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-212953.html https://cert-portal.siemens.com/productcert/html/ssa-710408.html
Patch
https://cert-portal.siemens.com/productcert/html/ssa-710408.html
Share on: