OTPulse

Siemens Solid Edge

Plan PatchCVSS 7.8ICS-CERT ICSA-22-286-03Oct 11, 2022
Siemens
Attack path
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Solid Edge is affected by a heap overflow vulnerability that can be triggered when the application reads DWG (AutoCAD drawing) files. If a user is tricked into opening a malicious DWG file, an attacker can execute arbitrary code in the context of the Solid Edge process. The vulnerability is not remotely exploitable and requires user interaction. Siemens has released a patch in SE2022MP9 and recommends updating to the latest version. As a mitigation, users should avoid opening DWG files from untrusted sources.

What this means
What could happen
A user opening a malicious DWG file in Solid Edge could allow an attacker to run arbitrary code on that workstation with the user's privileges, potentially compromising design data or enabling lateral movement into the plant network.
Who's at risk
Engineering teams and designers using Solid Edge for CAD work. Anyone with Solid Edge installations on workstations that access plant networks or sensitive design data. This primarily affects the IT infrastructure supporting plant engineering, not the OT systems themselves, but compromised engineering workstations can be a stepping stone into the plant network.
How it could be exploited
An attacker crafts a malicious DWG file and tricks a Solid Edge user into opening it. When the application parses the file, a heap overflow is triggered, allowing the attacker to inject and execute arbitrary code in the context of the Solid Edge process running on that workstation.
Prerequisites
  • User must open a malicious DWG file in Solid Edge
  • Social engineering or file delivery mechanism required to get the file to the user
  • User must be running a vulnerable version (earlier than SE2022MP9)
User interaction required (file opening)Low attack complexityNo network access needed from attacker's positionAffects confidentiality and integrity of design data
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (1)
ProductAffected VersionsFix Status
Solid Edge<SE2022MP9SE2022MP9+
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDAvoid opening DWG files from untrusted sources
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Solid Edge to SE2022MP9 or later
Long-term hardening
0/2
HARDENINGImplement network segmentation to isolate engineering workstations from the plant OT network and the internet
HARDENINGRestrict internet access from engineering workstations or require VPN with strict controls
View full CISA ICS-CERT advisory
API: /api/v1/advisories/44c140ff-c2cf-46e9-93b4-dc1a389287e8

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.

Siemens Solid Edge | CVSS 7.8 - OTPulse