PatchSiren

CVE-2025-27438 Siemens CVE debrief

CVE-2025-27438 is a Siemens vulnerability in Teamcenter Visualization and Tecnomatix Plant Simulation that can be triggered while parsing specially crafted WRL files. The issue is an out-of-bounds read past the end of an allocated structure and, according to the advisory, could allow code execution in the context of the current process. Siemens and CISA list fixes for multiple product branches, and the vendor also advises not opening untrusted WRL files in affected applications.

Vendor: Siemens
Product: Teamcenter Visualization V14.3
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-03-11
Original CVE updated: 2025-05-06
Advisory published: 2025-03-11
Advisory updated: 2025-05-06

Who should care

Administrators, engineers, and users responsible for Siemens Teamcenter Visualization and Tecnomatix Plant Simulation deployments should treat this as a priority patching item, especially where users routinely open externally sourced or untrusted 3D/visualization files.

Technical summary

The supplied advisory data describes a memory-safety flaw in WRL file parsing. When an affected application processes a specially crafted WRL file, it can read beyond the end of an allocated structure. The published impact is potential code execution in the current process. The CVSS vector provided is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local attack conditions with required user interaction.

Defensive priority

High. The vulnerability is rated 7.8 HIGH in the supplied data, affects six Siemens product/version branches, and has a potential code-execution impact if a user opens a malicious WRL file.

Recommended defensive actions

  • Update Teamcenter Visualization V14.3 to V14.3.0.13 or later.
  • Update Teamcenter Visualization V2312 to V2312.0009 or later.
  • Update Teamcenter Visualization V2406 to V2406.0007 or later.
  • Update Teamcenter Visualization V2412 to V2412.0002 or later.
  • Update Tecnomatix Plant Simulation V2302 to V2302.0021 or later.
  • Update Tecnomatix Plant Simulation V2404 to V2404.0010 or later.
  • Do not open untrusted WRL files in affected applications.
  • Use defense-in-depth and ICS security practices to reduce exposure while patching is in progress.
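
One way to check an asset inventory against the fixed releases listed above, as an added example that is not code from Siemens, CISA or this page's source. It assumes installed versions are recorded in the same notation the advisory uses (for example V14.3.0.13 or V2312.0009); the function names and the sample inventory rows are constructed for illustration.

```python
import re

# Fixed release per affected branch, copied from the remediation list above.
FIXED = {
    ("Teamcenter Visualization", "V14.3"): "V14.3.0.13",
    ("Teamcenter Visualization", "V2312"): "V2312.0009",
    ("Teamcenter Visualization", "V2406"): "V2406.0007",
    ("Teamcenter Visualization", "V2412"): "V2412.0002",
    ("Tecnomatix Plant Simulation", "V2302"): "V2302.0021",
    ("Tecnomatix Plant Simulation", "V2404"): "V2404.0010",
}

def parse_version(text):
    """'V2312.0009' -> (2312, 9). Integer parts avoid string-compare mistakes."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def assess(product, version):
    """Return 'vulnerable', 'fixed' or 'not-listed' for one installation."""
    installed = parse_version(version)
    for (name, branch), fixed_text in FIXED.items():
        prefix = parse_version(branch)
        # Match on whole components so V14.30 is not mistaken for branch V14.3.
        if name.lower() != product.strip().lower() or installed[:len(prefix)] != prefix:
            continue
        fixed = parse_version(fixed_text)
        # Pad so a bare "V14.3" compares as 14.3.0.0 against 14.3.0.13.
        padded = installed + (0,) * (len(fixed) - len(installed))
        return "fixed" if padded >= fixed else "vulnerable"
    # Branch not named in the advisory: needs manual review, not proof of safety.
    return "not-listed"

def triage(inventory):
    """Map (host, product, version) rows to (host, product, version, status)."""
    return [(h, p, v, assess(p, v)) for h, p, v in inventory]

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are illustrative.
    sample = [
        ("eng-ws-01", "Teamcenter Visualization", "V14.3.0.12"),
        ("eng-ws-02", "Teamcenter Visualization", "V2312.0009"),
        ("sim-ws-07", "Tecnomatix Plant Simulation", "V2404.0009"),
        ("sim-ws-08", "Tecnomatix Plant Simulation", "V2201.0003"),
    ]
    for row in triage(sample):
        print("{:<10} {:<28} {:<12} {}".format(*row))
```

A "not-listed" result means only that the branch is not named in the advisory data above; confirm such installs against the vendor advisory before treating them as unaffected.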

Evidence notes

All substantive claims are drawn from the supplied CISA CSAF advisory record for ICSA-25-072-01 and its cited Siemens references. The advisory was published on 2025-03-11 and revised on 2025-05-06 for typo fixes only. The affected products listed in the source are Teamcenter Visualization V14.3, V2312, V2406, V2412, and Tecnomatix Plant Simulation V2302 and V2404. The source does not list the vulnerability in KEV.

Official resources

Publicly disclosed by CISA/Siemens on 2025-03-11; the supplied timeline shows a later 2025-05-06 revision for typo fixes only.