CVE-2025-12659
CWE-122 · Published: May 12, 2026 · Updated: May 12, 2026
Official Description
The affected applications contain a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-27349, ZDI-CAN-27389)
Technical Analysis
CVE-2025-12659 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation does not require any privileges, though user interaction (P) is needed, which slightly reduces the risk of mass automated attacks.
News & Research Mentioning CVE-2025-12659
Source: CISA Alerts

Simcenter Femap is affected by a heap-based buffer overflow vulnerability in the Datakit library that could be triggered when the application reads files in IPT format. If a user is tricked into opening a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process. Siemens has released a new version for Simcenter Femap and recommends updating to the latest version.

The following versions of Siemens Simcenter Femap are affected:
- Simcenter Femap vers:intdot/<2512.0003

CVSS: v3 7.8
Vendor: Siemens
Equipment: Siemens Simcenter Femap
Vulnerabilities: Heap-based Buffer Overflow

Background
Critical Infrastructure Sectors: Critical Manufacturing
Countrie
Recommended Actions
- Apply vendor patches immediately
- Monitor CVE-2025-12659 in threat intel feeds
- Review IDS/IPS signatures for exploitation attempts