CVE-2026-23716 – An out-of-bounds read vulnerability in Simcente... (How to Fix)

Q: What is the severity of CVE-2026-23716?

CVE-2026-23716 has a CVSS score of 7.8 (HIGH). An out-of-bounds read vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into opening malicious XDB files. All versions before V2512 are affected. This impacts engineering and simulation professionals using these Siemens software tools.

📋 TL;DR

An out-of-bounds read vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into opening malicious XDB files. All versions before V2512 are affected. This impacts engineering and simulation professionals using these Siemens software tools.

💻 Affected Systems

Products:

Simcenter Femap
Simcenter Nastran

Versions: All versions before V2512

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in XDB file parsing functionality used by both applications.

📦 What is this software?

Simcenter Femap by Siemens

View all CVEs affecting Simcenter Femap →

Simcenter Nastran by Siemens

View all CVEs affecting Simcenter Nastran →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise through remote code execution, potentially leading to data theft, system manipulation, or lateral movement within the network.

🟠

Likely Case

Local privilege escalation or application crash when users open malicious XDB files, potentially disrupting engineering workflows.

🟢

If Mitigated

Limited impact with proper file validation and user awareness preventing malicious file execution.

🌐 Internet-Facing: LOW - Requires user interaction to open malicious files, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Internal users could be tricked into opening malicious files via email or shared drives.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires user interaction to open malicious XDB file. No public exploits available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2512 or later

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-965753.html

Restart Required: Yes

Instructions:

1. Download V2512 or later from Siemens support portal. 2. Backup current configurations. 3. Run installer with administrative privileges. 4. Restart system after installation completes.

🔧 Temporary Workarounds

Restrict XDB file handling

all

Block or restrict opening of XDB files from untrusted sources

Application sandboxing

all

Run Simcenter applications in restricted user accounts or sandboxed environments

🧯 If You Can't Patch

Implement strict file validation policies to block XDB files from untrusted sources
Train users to avoid opening XDB files from unknown or suspicious origins

🔍 How to Verify

Check if Vulnerable:

Check application version in Help > About menu. If version is below V2512, system is vulnerable.

Check Version:

Not applicable - check via application GUI Help > About menu

Verify Fix Applied:

Confirm version shows V2512 or higher in Help > About menu after update.

📡 Detection & Monitoring

Log Indicators:

Application crashes when opening XDB files
Unexpected process creation from Simcenter applications

Network Indicators:

Unusual outbound connections from Simcenter processes

SIEM Query:

Process creation where parent process contains 'femap' or 'nastran' and command line contains suspicious parameters

📊 Metadata

CVE ID: CVE-2026-23716

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-125

EPSS Score: 0.01% exploit probability (0.2th percentile)

Published: February 10, 2026

Last Updated: February 11, 2026

🔗 References

https://cert-portal.siemens.com/productcert/html/ssa-965753.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-23716, you might also want to check these: