CVE-2026-33893

EUVD-2026-29432

12.05.2026, 10:16

A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512 (All versions). The affected application contains hardcoded key which is used for obfuscation stored directly into the application.
This could allow an attacker to obtain these keys and misuse them to gain unauthorized access.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 20%

Affected Products (NVD)

Vendor	Product	Version
siemens	teamcenter	2312.0 ≤ 𝑥 < 2312.0014
siemens	teamcenter	2406.0 ≤ 𝑥 < 2406.0012
siemens	teamcenter	2412.0 ≤ 𝑥 < 2412.0009
siemens	teamcenter	2506.0 ≤ 𝑥 < 2506.0005

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-798 - Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

References

https://cert-portal.siemens.com/productcert/html/ssa-827383.html