High severity7.4NVD Advisory· Published Dec 9, 2025· Updated Apr 15, 2026
CVE-2025-40800
CVE-2025-40800
Description
A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Solid Edge SE2025 (All versions < V225.0 Update 10), Solid Edge SE2026 (All versions < V226.0 Update 1). The IAM client in affected products is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: < V10.6.1
- Range: < V2506.6000
- Range: < V2506.0002
- Range: < V225.0 Update 10
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.