8.7

CVE-2026-33893

A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512 (All versions). The affected application contains hardcoded key which is used for obfuscation stored directly into the application.
This could allow an attacker to obtain these keys and misuse them to gain unauthorized access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SiemensTeamcenter Version >= 2312.0 < 2312.0014
SiemensTeamcenter Version >= 2406.0 < 2406.0012
SiemensTeamcenter Version >= 2412.0 < 2412.0009
SiemensTeamcenter Version >= 2506.0 < 2506.0005
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.202
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
productcert@siemens.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
productcert@siemens.com 8.7 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://cert-portal.siemens.com/productcert/html/ssa-827383.html
Vendor Advisory