Cyber Posture

CVE-2026-22923

High

Published: 10 February 2026

Published
10 February 2026
Modified
10 March 2026
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0001 0.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-22923 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Siemens Nx. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 0.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious File (T1204.002). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly addresses the data validation vulnerability (CWE-121) by enforcing validation of malformed inputs during the PDF export process to prevent interference with internal data.

SI-2 Flaw Remediation good match
prevent

Requires timely identification, reporting, and patching of the specific flaw in NX versions prior to V2512, as recommended in the Siemens advisory.

SI-16 Memory Protection good match
prevent

Implements memory protections such as stack canaries or DEP to safeguard against arbitrary code execution resulting from the buffer overflow during PDF export.

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
attack.mitre.org →
Why these techniques?

Local arbitrary code execution via malformed input during PDF export in Siemens NX directly facilitates T1204.002 (user opens/exports malicious file).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during…

more

the PDF export process that could potentially lead to arbitrary code execution.

Deeper analysisAI

CVE-2026-22923 is a data validation vulnerability, classified under CWE-121, affecting Siemens NX software in all versions prior to V2512, as well as NX in Managed Mode prior to V2512. The issue arises during the PDF export process, where malformed input can interfere with internal data handling, potentially enabling arbitrary code execution. Published on 2026-02-10, it carries a CVSS v3.1 base score of 7.8 (High), reflecting its severity due to high impacts on confidentiality, integrity, and availability.

Exploitation requires local access to the affected system, with low attack complexity and no privileges needed from the attacker, though user interaction is required to trigger the PDF export. A successful attack could allow the adversary to execute arbitrary code in the context of the application, compromising the system at a high level across all impact metrics.

The Siemens security advisory SSA-535115, available at https://cert-portal.siemens.com/productcert/html/ssa-535115.html, provides guidance on mitigation, including recommended patches and any available workarounds for affected NX versions.

Details

CWE(s)
CWE-121

Affected Products

siemens
nx
≤ 2512.0

CVEs Like This One

CVE-2026-23715Same vendor: Siemens
CVE-2025-25175Same vendor: Siemens
CVE-2026-23716Same vendor: Siemens
CVE-2026-23717Same vendor: Siemens
CVE-2025-23396Same vendor: Siemens
CVE-2025-23400Same vendor: Siemens
CVE-2026-25570Same vendor: Siemens
CVE-2026-23718Same vendor: Siemens
CVE-2025-40795Same vendor: Siemens
CVE-2025-23399Same vendor: Siemens

References