SSA-535115

Vulnerability from csaf_siemens - Published: 2026-02-10 00:00 - Updated: 2026-03-10 00:00
Summary
SSA-535115: Data Validation Vulnerability in NX Before V2512
Notes
Summary: Siemens NX is affected by a missing data validation vulnerability that could allow an attacker with local access on a compromised system to interfere with internal data during the PDF export process, which could potentially lead to arbitrary code execution. Siemens has released a new version of NX which resolves the data tampering vulnerability.
General Recommendations: As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and following the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
CWE-121 - Stack-based Buffer Overflow
Mitigation: Prioritize strong overall system hygiene to prevent initial system infection which includes maintaining fully patched systems, robust endpoint security, and continuous monitoring for signs of compromise
Vendor Fix: Update to V2512 or later version: https://support.sw.siemens.com/product/209349590/

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Siemens NX is affected by missing data validation vulnerability that could allow an attacker with local access on a compromised system to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution. \n\nSiemens has released a new version of NX which resolves the data tampering vulnerability.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-535115: Data Validation Vulnerability in NX Before V2512 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-535115.html"
      },
      {
        "category": "self",
        "summary": "SSA-535115: Data Validation Vulnerability in NX Before V2512 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-535115.json"
      }
    ],
    "title": "SSA-535115: Data Validation Vulnerability in NX Before V2512",
    "tracking": {
      "current_release_date": "2026-03-10T00:00:00.000Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-535115",
      "initial_release_date": "2026-02-10T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-02-10T00:00:00.000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2026-03-10T00:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added product-specific CVSS for NX with managed mode"
        }
      ],
      "status": "interim",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c2512",
                "product": {
                  "name": "NX",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "NX"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c2512",
                "product": {
                  "name": "NX (Managed Mode)",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "NX (Managed Mode)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-22923",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "An attacker would need privileged access to the application running in managed mode in order to exploit",
          "title": "For NX (Managed Mode)"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Prioritize strong overall system hygiene to prevent initial system infection which includes maintaining fully patched systems, robust endpoint security, and continuous monitoring for signs of compromise",
          "product_ids": [
            "1",
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2512 or later version",
          "product_ids": [
            "1",
            "2"
          ],
          "url": "https://support.sw.siemens.com/product/209349590/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        },
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2026-22923"
    }
  ]
}

