Simcenter Femap Uninitialized Memory via SLDPRT (CVE-2025-40829)
CVE-2025-40829 Published on December 12, 2025
A vulnerability has been identified in Simcenter Femap (All versions < V2512). The affected applications contains an uninitialized memory vulnerability while parsing specially crafted SLDPRT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-27146)
Weakness Type
Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized. When a resource has not been properly initialized, the software may behave unexpectedly. This may lead to a crash or invalid memory access, but the consequences vary depending on the type of resource and how it is used within the software.
Products Associated with CVE-2025-40829
Want to know whenever a new CVE is published for Siemens Simcenter Femap? stack.watch will email you.
Affected Versions
Siemens Simcenter Femap:- Before V2512 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.