PatchSiren

CVE-2026-23720 Siemens CVE debrief

CVE-2026-23720 is a high-severity vulnerability in Siemens Simcenter Femap and Simcenter Nastran. According to the advisory, specially crafted NDB files can trigger an out-of-bounds read during parsing, which could allow code execution in the context of the current process. Siemens and CISA both list vendor fixes for affected products, and the advisory also recommends avoiding untrusted NDB files.

Vendor: Siemens
Product: Simcenter Femap
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-10
Original CVE updated: 2026-02-17
Advisory published: 2026-02-10
Advisory updated: 2026-02-17

Who should care

Organizations using Siemens Simcenter Femap or Simcenter Nastran, especially teams that routinely open or exchange NDB files. Engineering, CAD/CAE, and industrial environments should prioritize this issue because successful exploitation depends on user interaction with a crafted file and can impact the current process.

Technical summary

The advisory describes an out-of-bounds read in the parsing of specially crafted NDB files. The supplied CVSS vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access and user interaction are required, but the potential impact is high. Affected products listed in the source are Siemens Simcenter Femap and Simcenter Nastran. Siemens remediation guidance in the advisory is to update to V2512 or later.

Defensive priority

High. The issue is exploitable through user handling of a malicious file and has a high CVSS score, so patching and file-ingestion controls should be prioritized for exposed engineering workstations and similar systems.

Recommended defensive actions

  • Update Siemens Simcenter Femap to V2512 or later.
  • Update Siemens Simcenter Nastran to V2512 or later.
  • Do not open untrusted NDB files in affected applications.
  • Inventory installations that use Simcenter Femap or Simcenter Nastran and confirm version status.
  • Apply least-privilege and controlled file-transfer practices for engineering file workflows.
  • Monitor the Siemens and CISA advisories for any follow-up guidance or revisions.

Evidence notes

This debrief is based on the supplied CISA CSAF source item for ICSA-26-048-01 and its referenced Siemens ProductCERT advisory SSA-965753. The source identifies the affected products as Siemens Simcenter Femap and Simcenter Nastran, describes an out-of-bounds read while parsing specially crafted NDB files, and lists remediation to update to V2512 or later. The published date is 2026-02-10 and the source was republished on 2026-02-17.

Official resources

CISA published the advisory on 2026-02-10 and republished it on 2026-02-17 with Siemens ProductCERT content incorporated. This debrief uses the original CVE publication date and the source advisory timeline provided.