Siemens Solid Edge

Plan Patch7.8ICS-CERT ICSA-21-287-06Sep 28, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens Solid Edge SE2021 contains multiple file parsing vulnerabilities in the handling of IFC, JT, and OBJ file formats. These vulnerabilities include use-after-free (CWE-416), out-of-bounds read (CWE-125), and NULL pointer dereference (CWE-824) conditions. When a user opens a malicious file in one of these formats, the application may crash or allow arbitrary code execution on the host system. Siemens recommends updating to SE2021MP8 or later and avoiding opening files from untrusted sources.

What this means

What could happen

A user who opens a malicious file (IFC, JT, or OBJ format) in Solid Edge could trigger a crash or allow an attacker to run arbitrary code on their engineering workstation, potentially compromising design files or enabling lateral movement into the network.

Who's at risk

Engineering teams and CAD designers who use Siemens Solid Edge SE2021 (before MP8) should be aware of this risk, particularly those who receive or download design files (IFC, JT, OBJ) from external or third-party sources, suppliers, or partners. This affects any organization using Solid Edge for mechanical design, product modeling, or PLM workflows.

How it could be exploited

An attacker crafts a malicious IFC, JT, or OBJ file and tricks a user into opening it within Solid Edge. The file parsing vulnerabilities (use-after-free, out-of-bounds read, NULL pointer dereference) are triggered when the application processes the file, either crashing the application or executing attacker-supplied code with the privileges of the user running Solid Edge.

Prerequisites

User must open a malicious file using Solid Edge
File must be in IFC, JT, or OBJ format
Solid Edge SE2021 version prior to MP8 must be installed
No authentication or special network access required

User interaction required (file must be opened)Affects engineering workstations not production systemsLow complexity attackEPSS score <1% (0.7%)No known public exploits

Exploitability

Low exploit probability (EPSS 0.7%)

Affected products (1)

ProductAffected VersionsFix Status

Solid Edge SE2021<SE2021MP8SE2021MP8 or later

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDDo not open IFC, JT, or OBJ files from untrusted or unknown sources

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Solid Edge SE2021 to SE2021MP8 or later

Long-term hardening

0/2

HARDENINGImplement file filtering or content inspection controls to prevent malicious CAD files from reaching engineering workstations

HARDENINGRestrict direct file transfers to engineering workstations to known and vetted sources only

CVEs (10)

CVE-2021-37202 CVE-2021-37203 CVE-2021-41533 CVE-2021-41534 CVE-2021-41535 CVE-2021-41536 CVE-2021-41537 CVE-2021-41538 CVE-2021-41539 CVE-2021-41540

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e538b9e4-9996-4226-8db2-ab95a785ab0f