Siemens Analytics Toolkit

Title: Siemens Analytics Toolkit | CISA

URL Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-04

Markdown Content: # Siemens Analytics Toolkit | CISA

An official website of the United States government

Here’s how you know

Here’s how you know

**Official websites use .gov**

A **.gov** website belongs to an official government organization in the United States.

**Secure .gov websites use HTTPS**

A **lock** () or **https://** means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

**Due to the lapse in federal funding, this website will not be actively managed.**[**Read More**](https://go.dhs.gov/lapse-2026)

[no-cost Cyber Services](https://www.cisa.gov/resources-tools/resources/free-cybersecurity-services-and-tools "Free Cyber Services")[Secure by design](https://www.cisa.gov/securebydesign)[Secure Your Business](https://www.cisa.gov/secureyourbusiness)[Shields Up](https://www.cisa.gov/node/8056)[Report A Cyber Issue](https://www.cisa.gov/report)

Search

[×](javascript:void(0) "Clear search box")

Menu

Close

[×](javascript:void(0) "Clear search box")

* Topics[Topics](https://www.cisa.gov/topics) [Cybersecurity Best Practices](https://www.cisa.gov/topics/cybersecurity-best-practices) [Cyber Threats and Response](https://www.cisa.gov/topics/cyber-threats-and-response) [Critical Infrastructure Security and Resilience](https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience) [Election Security](https://www.cisa.gov/topics/election-security) [Emergency Communications](https://www.cisa.gov/topics/emergency-communications) [Industrial Control Systems](https://www.cisa.gov/topics/industrial-control-systems) [Information and Communications Technology Supply Chain Security](https://www.cisa.gov/topics/information-communications-technology-supply-chain-security) [Partnerships and Collaboration](https://www.cisa.gov/topics/partnerships-and-collaboration) [Physical Security](https://www.cisa.gov/topics/physical-security) [Risk Management](https://www.cisa.gov/topics/risk-management) [How can we help?](https://www.cisa.gov/audiences) [Government](https://www.cisa.gov/topics/government)[Educational Institutions](https://www.cisa.gov/topics/educational-institutions)[Industry](https://www.cisa.gov/topics/industry)[State, Local, Tribal, and […]

[… 9,336 Zeichen — nächste Zone: keyword-dense paragraphs …]

**Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions.**

* Siemens Software Center vers:intdot/<3.5.8.2 (CVE-2025-40745) * Simcenter 3D vers:intdot/<2506.6000 (CVE-2025-40745) * Simcenter Femap vers:intdot/<2506.0002 (CVE-2025-40745) * Simcenter STAR-CCM+ vers:intdot/<2602 (CVE-2025-40745) * Solid Edge SE2025 * Solid Edge SE2026 * Tecnomatix Plant Simulation vers:intdot/<2504.0008 (CVE-2025-40745)

| CVSS Version | Base Score | Base Severity | Vector String | | --- | --- | --- | --- | | **CVSS Version**3.1 | **Base Score**3.7 | **Base Severity**LOW | **Vector String**[CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N "(opens in a new window)") |

| CVSS | Vendor | Equipment | Vulnerabilities | | --- | --- | --- | --- | | **CVSS**v3 3.7 | **Vendor**Siemens | **Equipment**Siemens Analytics Toolkit | **Vulnerabilities**Improper Certificate Validation |

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

This ICSA is a verbatim republication of Siemens ProductCERT SSA-981622 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory.

1. [Home](https://www.cisa.gov/) 2. [News & Events](https://www.cisa.gov/news-events) 3.

Update […]

[… 8,926 Zeichen — nächste Zone: tail …]

ICS Advisory | ICSA-26-111-12

### [SenseLive X3050](https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12)

[Return to top](https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-04#top)

* [Topics](https://www.cisa.gov/topics) * [Spotlight](https://www.cisa.gov/spotlight) * [Resources & Tools](https://www.cisa.gov/resources-tools) * [News & Events](https://www.cisa.gov/news-events) * [Careers](https://www.cisa.gov/careers) * [About](https://www.cisa.gov/about)

[Cybersecurity & Infrastructure Security Agency](https://www.cisa.gov/ "Go to the Cybersecurity & Infrastructure Security Agency homepage")

* [Facebook](https://www.facebook.com/CISA) * [X](https://x.com/CISAgov) * [LinkedIn](https://www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency) * [YouTube](https://www.youtube.com/@cisagov) * [Instagram](https://www.instagram.com/cisagov) * [RSS](https://www.cisa.gov/subscribe-updates-cisa)

CISA Central[1-844-Say-CISA](tel:1-844-Say-CISA)[contact@cisa.dhs.gov](mailto:contact@cisa.dhs.gov)

DHS Seal

CISA.gov

An official website of the U.S. Department of Homeland Security

* [About CISA](https://www.cisa.gov/about "About CISA") * [Budget and Performance](https://www.dhs.gov/performance-financial-reports "Budget and Performance") * [DHS.gov](https://www.dhs.gov/ "Department of Homeland Security") * [FOIA Requests](https://www.dhs.gov/foia "FOIA Requests") * [No FEAR Act](https://www.cisa.gov/no-fear-act "No FEAR Act Reporting") * [Office of Inspector General](https://www.oig.dhs.gov/ "Office of Inspector General") * [Privacy Policy](https://www.cisa.gov/privacy-policy "Privacy Policy") * [Subscribe](https://public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138 "Subscribe to Email Updates") * [The White House](https://www.whitehouse.gov/ "The White House") * [USA.gov](https://www.usa.gov/ "USA.gov") * [Website Feedback](https://www.cisa.gov/forms/feedback "Website Feedback")