OTPulse
FeedAboutContact

Siemens Simcenter STAR-CCM+ Viewer

Plan Patch7.8ICS-CERT ICSA-21-350-15Dec 14, 2021
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Siemens Simcenter STAR-CCM+ Viewer contains a buffer overflow vulnerability (CWE-787) in its scene (.sce) file parser. When a user opens a malicious scene file, the vulnerability can be triggered, leading to application crash, arbitrary code execution, or data extraction on the host workstation. Versions before 2021.3.1 are affected. The vulnerability requires user interaction (opening a malicious file) and is not remotely exploitable.

What this means
What could happen
If a user opens a malicious scene (.sce) file in Simcenter STAR-CCM+ Viewer, an attacker could run arbitrary code on that workstation or extract sensitive data. This could compromise engineering data or the integrity of simulation work used in design and analysis.
Who's at risk
Organizations using Siemens Simcenter STAR-CCM+ Viewer for computational fluid dynamics (CFD) simulation and analysis. This affects engineering workstations and design teams that open scene files as part of their workflow, particularly those who may receive files from external collaborators, vendors, or untrusted networks.
How it could be exploited
An attacker creates a malicious .sce (scene) file and tricks a user into opening it with the vulnerable Simcenter STAR-CCM+ Viewer application. When the file is processed, a buffer overflow (CWE-787) is triggered, allowing the attacker to execute code or read data on the workstation. The user must be social-engineered to open the file; the exploit does not occur remotely.
Prerequisites
  • Vulnerable Simcenter STAR-CCM+ Viewer application installed on a workstation
  • User interaction required: victim must open a malicious .sce file
  • No network access required; attack is local file-based
User interaction required (social engineering needed)Local file-based attack vectorBuffer overflow vulnerabilityCould lead to arbitrary code execution on workstation
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
ProductAffected VersionsFix Status
Simcenter STAR-CCM+ Viewer<2021.3.12021.3.1
Remediation & Mitigation
0/3
Do now
0/1
WORKAROUNDInstruct users to not open scene (.sce) files from untrusted or unknown sources
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Simcenter STAR-CCM+ Viewer to version 2021.3.1 or later
Long-term hardening
0/1
HARDENINGConsider restricting or disabling automatic file associations for .sce files in group policy if users do not regularly work with scene files from external sources
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/b5b2ae5c-78e6-4c51-9cd0-807a64be796e
Siemens Simcenter STAR-CCM+ Viewer | CVSS 7.8 - OTPulse