CNNVD-202602-1646 Information

Feb 10, 2026 cve

CNNVD ID

CNNVD-202602-1646

CVE-2026-23717

CNNVD Published: 2026-02-10

Description (Chinese)

Siemens Simcenter Femap和Siemens Simcenter Nastran都是德国西门子（Siemens）公司的产品。Siemens Simcenter Femap是一款尖端工程学仿真应用程序。用于创建、编辑和导入/重用复杂产品或系统基于网格的有限元分析模型。Siemens Simcenter Nastran是一流的有限元方法（FEM）求解器，旨在提高计算性能、准确性和可靠性。 Siemens Simcenter Femap V2512之前版本和Siemens Simcenter Nastran V2512之前版本存在缓冲区错误漏洞，该漏洞源于解析特制XDB文件时存在越界读取，可能导致攻击者在当前进程环境中执行代码。

Description (English)

Siemens Simcenter Femap and Siemens Simcenter Nastran are products of Siemens, Germany. Siemens Simpson Femap is a sophisticated engineering simulation application. Limited meta-analysis models for creating, editing and importing/reusing complex products or systems based on grids. Siemens Simpson Nastran is a first-class, limited-utility (FEM) solver designed to improve computing performance, accuracy and reliability. Pre-Siemens Simcenter Femap V2512 and pre-Siemens Simcenter Nastran V2512 had an error loophole in the buffer zone, which stemmed from cross-border access to the XDB file, which could lead the attackers to enforce codes in the current process environment.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

西门子

Published

2026-02-10

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-965753.html https://access.redhat.com/security/cve/cve-2026-23717

Patch

https://cert-portal.siemens.com/productcert/html/ssa-965753.html

Share on: