CVE-2026-23715
Published: 10 February 2026
Summary
CVE-2026-23715 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Siemens Simcenter Femap. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 0.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires timely flaw remediation by patching Simcenter Femap and Nastran to V2512 or later, directly eliminating the out-of-bounds write vulnerability.
Implements memory protections such as ASLR, DEP, and stack canaries that prevent reliable exploitation of out-of-bounds write vulnerabilities leading to arbitrary code execution.
Mandates validation of information inputs like specially crafted XDB files to block malformed data from triggering the parsing-related out-of-bounds write.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Out-of-bounds write in file parser enables RCE via crafted XDB file opened by user, directly mapping to malicious file user execution.
NVD Description
A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This could allow an attacker to…
more
execute code in the context of the current process.
Deeper analysisAI
CVE-2026-23715 is an out-of-bounds write vulnerability (CWE-787) affecting Simcenter Femap and Simcenter Nastran in all versions prior to V2512. The flaw occurs while parsing specially crafted XDB files, potentially allowing an attacker to execute arbitrary code in the context of the current process. Published on 2026-02-10 with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), it poses a high-impact risk to affected systems.
Exploitation requires local access to the target system with no privileges needed, but user interaction is necessary, such as convincing a user to open a malicious XDB file in the vulnerable application. Successful exploitation enables arbitrary code execution with the privileges of the running process, potentially leading to full system compromise if the application runs with elevated permissions.
Siemens has published security advisory SSA-965753 detailing the vulnerability and mitigation steps, available at https://cert-portal.siemens.com/productcert/html/ssa-965753.html. Security practitioners should consult this advisory for patch information and apply updates to versions V2512 or later.
Details
- CWE(s)