CVE-2026-22923

EPSS 0.01%
Veröffentlicht 10.02.2026 09:58:45
Zuletzt bearbeitet 10.03.2026 18:18:13
Quelle productcert@siemens.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Siemens ≫ Nx Version < 2512.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.004

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
productcert@siemens.com	7.3	0	0	CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
productcert@siemens.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

https://cert-portal.siemens.com/productcert/html/ssa-535115.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-22923

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22923

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22923

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-22923