{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-33893","assignerOrgId":"cec7a2ec-15b4-4faf-bd53-b40f371f3a77","state":"PUBLISHED","assignerShortName":"siemens","dateReserved":"2026-03-24T15:32:19.391Z","datePublished":"2026-05-12T08:21:15.796Z","dateUpdated":"2026-05-12T13:25:42.831Z"},"containers":{"cna":{"providerMetadata":{"orgId":"cec7a2ec-15b4-4faf-bd53-b40f371f3a77","shortName":"siemens","dateUpdated":"2026-05-12T08:21:15.796Z"},"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512 (All versions). The affected application contains hardcoded key which is used for obfuscation stored directly into the application.\r\nThis could allow an attacker to obtain these keys and misuse them to gain unauthorized access."}],"affected":[{"vendor":"Siemens","product":"Teamcenter V2312","versions":[{"status":"affected","version":"0","lessThan":"V2312.0014","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Teamcenter V2406","versions":[{"status":"affected","version":"0","lessThan":"V2406.0012","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Teamcenter V2412","versions":[{"status":"affected","version":"0","lessThan":"V2412.0009","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Teamcenter V2506","versions":[{"status":"affected","version":"0","lessThan":"V2506.0005","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Teamcenter V2512","versions":[{"status":"unaffected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH"}},{"cvssV4_0":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","baseScore":8.7,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-798","description":"CWE-798: Use of Hard-coded Credentials","type":"CWE"}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-827383.html"}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-12T13:25:24.360747Z","id":"CVE-2026-33893","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-12T13:25:42.831Z"}}]}}