OTPulse

Simcenter Femap and Parasolid

Plan Patch · CVSS 7.8 · ICS-CERT ICSA-22-195-09 · Jul 12, 2022
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Simcenter Femap and Parasolid contain an out-of-bounds read vulnerability triggered when opening malicious NEU (neutral geometry) format files. The flaw allows an attacker to execute arbitrary code in the context of the application if a user is tricked into opening a crafted file. This affects design and modeling workflows in engineering environments. Siemens has released updates for all affected product versions.

What this means
What could happen
An attacker could execute arbitrary code on an engineering workstation running Simcenter Femap or Parasolid if a user opens a malicious NEU format file, potentially compromising the integrity of design data or control system models.
Who's at risk
This vulnerability affects engineering teams and CAD/CAM departments at organizations using Siemens Parasolid (version 33.1, 34.0, 34.1) or Simcenter Femap (version 2022.1, 2022.2) for design and modeling work. It impacts workstations used for product design, simulation, and control system engineering.
How it could be exploited
An attacker crafts a malicious NEU (neutral geometry) format file and tricks a user into opening it with Simcenter Femap or Parasolid. The application reads out-of-bounds memory from the malformed file, triggering code execution in the context of the engineering workstation user's account.
Prerequisites
  • User must open a malicious NEU file using Simcenter Femap or Parasolid
  • Affected product versions must be running (Parasolid V33.1 < 33.1.264, V34.0 < 34.0.250, V34.1 < 34.1.233, or Simcenter Femap V2022.1 < 2022.1.3, V2022.2 < 2022.2.2)
requires user interaction (file open) · low complexity exploitation · affects engineering workstation security · design data at risk
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (5)
5 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| Parasolid V33.1 | < V33.1.264 | 33.1.264 |
| Parasolid V34.0 | < V34.0.250 | 34.0.250 |
| Parasolid V34.1 | < V34.1.233 | 34.1.233 |
| Simcenter Femap V2022.1 | < V2022.1.3 | 2022.1.3 |
| Simcenter Femap V2022.2 | < V2022.2.2 | 2022.2.2 |
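
To triage a software inventory against the fixed builds listed above, the following added example (not part of the advisory or any Siemens tooling) classifies each install by comparing version components numerically. The inventory rows, hostnames and status labels are constructed for illustration.

```python
import re

# Fixed builds per release branch, taken from the advisory's affected-products table.
FIXED = {
    ("Parasolid", (33, 1)): (33, 1, 264),
    ("Parasolid", (34, 0)): (34, 0, 250),
    ("Parasolid", (34, 1)): (34, 1, 233),
    ("Simcenter Femap", (2022, 1)): (2022, 1, 3),
    ("Simcenter Femap", (2022, 2)): (2022, 2, 2),
}

# Accepts "V33.1.264" or "33.1.264"; anything else is flagged for manual review.
VERSION_RE = re.compile(r"^[Vv]?(\d+)\.(\d+)\.(\d+)$")


def triage(product, version):
    """Return 'affected', 'fixed', 'not-listed' or 'unparsed' for one install."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparsed"  # never assume safe when the build number is missing
    ver = tuple(int(part) for part in m.groups())
    fixed = FIXED.get((product.strip(), ver[:2]))
    if fixed is None:
        return "not-listed"  # branch is not covered by this advisory
    # Tuple comparison is numeric, so 34.0.99 sorts below 34.0.250.
    return "affected" if ver < fixed else "fixed"


# Constructed inventory rows: (hostname, product, installed version).
INVENTORY = [
    ("eng-ws-01", "Parasolid", "V33.1.250"),
    ("eng-ws-02", "Parasolid", "34.0.99"),
    ("eng-ws-03", "Parasolid", "34.1.233"),
    ("eng-ws-04", "Simcenter Femap", "V2022.1.2"),
    ("eng-ws-05", "Simcenter Femap", "2022.2"),
    ("eng-ws-06", "Parasolid", "35.0.100"),
]


def report(inventory):
    """Map each hostname to its triage status."""
    return {host: triage(product, version) for host, product, version in inventory}


if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as unparsed or not-listed need a manual check against the vendor notice rather than being treated as patched.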
Remediation & Mitigation
Do now
WORKAROUND: Instruct users not to open NEU files from untrusted sources in Simcenter Femap or Parasolid
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Parasolid V33.1
HOTFIX: Update Parasolid V33.1 to version 33.1.264 or later
Parasolid V34.0
HOTFIX: Update Parasolid V34.0 to version 34.0.250 or later
Parasolid V34.1
HOTFIX: Update Parasolid V34.1 to version 34.1.233 or later
Simcenter Femap V2022.1
HOTFIX: Update Simcenter Femap V2022.1 to version 2022.1.3 or later
Simcenter Femap V2022.2
HOTFIX: Update Simcenter Femap V2022.2 to version 2022.2.2 or later
Long-term hardening
HARDENING: Implement network segmentation to isolate engineering workstations from the Internet and restrict file sharing sources
Simcenter Femap and Parasolid | CVSS 7.8 - OTPulse