Siemens Simcenter STAR-CCM+ Viewer
Plan Patch | 7.8 | ICS-CERT ICSA-22-069-05 | Mar 8, 2022
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Siemens Simcenter STAR-CCM+ Viewer versions prior to 2022.1 contain a memory corruption vulnerability triggered when reading scene (.sce) files. If a user opens a malicious file, the application may crash or allow arbitrary code execution on the target workstation. The vulnerability requires user interaction and is not remotely exploitable.
What this means
What could happen
If a user opens a malicious scene (.sce) file, the STAR-CCM+ Viewer application could crash or execute arbitrary code on the workstation, potentially leading to loss of engineering work or compromise of the host system where simulation and design work is performed.
Who's at risk
Engineering and design staff at industrial manufacturers and utilities who use Siemens Simcenter STAR-CCM+ Viewer for computational fluid dynamics (CFD) analysis and simulation work on Windows workstations.
How it could be exploited
An attacker creates a malicious .sce (scene) file and tricks a user into opening it with Siemens STAR-CCM+ Viewer. When the application attempts to read the file, memory corruption occurs, which could result in a crash or allow the attacker to run code with the privileges of the user running the application.
Prerequisites
- User must open a malicious .sce file from an untrusted source
- Vulnerable version of Simcenter STAR-CCM+ Viewer (<2022.1) must be installed and used to open the file
- Social engineering or file transfer mechanism to deliver the malicious file to the user
- Local attack vector (file-based, not remotely exploitable)
- User interaction required
- Actively exploited in the wild (E:P indicator)
- Could lead to arbitrary code execution on workstation
- Affects engineering workstations with potential access to design and operational data
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product | Affected Versions | Fix Status
Simcenter STAR-CCM+ Viewer | <V2022.1 | 2022.1
Remediation & Mitigation
Do now
WORKAROUND: Do not open scene (.sce) files from untrusted or unknown sources
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Simcenter STAR-CCM+ Viewer to version 2022.1 or later
CVEs (1)