Description
A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
Published: 2026-02-10
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution
Action: Patch Immediately
AI Analysis

Impact

The vulnerability is a data validation flaw in the PDF export feature of Siemens NX and its Managed Mode. An attacker who obtains local access can manipulate internal data during the export process, which may lead to arbitrary code execution. The weakness is characterized as a stack buffer overflow (CWE‑121).

Affected Systems

All versions of Siemens NX and Siemens NX (Managed Mode) earlier than V2512 are vulnerable.

Risk and Exploitability

The CVSS score of 7.3 corresponds to a High severity rating. The EPSS score of less than 1% indicates a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw requires local access, the likely attack vector is a local user or process with sufficient privileges. Exploitation would involve providing crafted input to the PDF export path, causing a buffer overflow that could execute arbitrary code on the affected system.

Generated by OpenCVE AI on April 16, 2026 at 17:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply Siemens NX version V2512 or a later release to eliminate the PDF export data validation flaw.
  • Restrict or disable the PDF export capability for local users when the functionality is not required.
  • Enable detailed logging of PDF export operations to detect anomalous activity and verify that the patch is effective.



Advisories

No advisories yet.

History

Thu, 16 Apr 2026 17:45:00 +0000

Type: Title
Values Added: Local Arbitrary Code Execution via PDF Export in Siemens NX

Tue, 10 Mar 2026 16:30:00 +0000

Type: Description
Values Removed: A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
Values Added: A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.

Thu, 26 Feb 2026 21:30:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*

Tue, 10 Feb 2026 20:15:00 +0000

Type: Metrics
Values Added: ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 10 Feb 2026 12:45:00 +0000

Type: First Time appeared
Values Added: Siemens; Siemens nx

Type: Vendors & Products
Values Added: Siemens; Siemens nx

Tue, 10 Feb 2026 10:15:00 +0000

Type: Description
Values Added: A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.

Type: Weaknesses
Values Added: CWE-121

Type: References

Type: Metrics
Values Added: cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 7.3, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2026-03-10T16:07:51.795Z

Reserved: 2026-01-13T15:21:45.768Z

Link: CVE-2026-22923

Vulnrichment

Updated: 2026-02-10T19:53:39.435Z

NVD

Status: Modified

Published: 2026-02-10T10:15:58.050

Modified: 2026-03-10T18:18:13.233

Link: CVE-2026-22923

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T17:30:25Z

Weaknesses