Siemens Solid Edge
Plan Patch7.8ICS-CERT ICSA-23-047-01Feb 14, 2023
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
Solid Edge is affected by multiple memory corruption vulnerabilities (CWE-787, CWE-125, CWE-122, CWE-121, CWE-824, CWE-119, CWE-416) triggered when opening specially crafted files in X_B, DWG, DXF, STL, STP, SLDPRT, and PAR formats. If a user opens a malicious file, an attacker could crash the application, extract sensitive design data, or potentially execute arbitrary code with user privileges.
What this means
What could happen
Memory corruption vulnerabilities could allow an attacker to crash Solid Edge, steal design data, or execute arbitrary code if a user opens a malicious CAD file. This impacts engineering workstations and could disrupt product design workflows.
Who's at risk
Engineering teams and CAD design departments in manufacturing, aerospace, automotive, and product development sectors using Solid Edge SE2022 or SE2023 are affected. The vulnerability impacts workstations where engineers create, review, and share product designs and technical drawings.
How it could be exploited
An attacker crafts a malicious file in X_B, DWG, DXF, STL, STP, SLDPRT, or PAR format and sends it to an engineer via email or file-sharing service. When the user opens the file in Solid Edge, the memory corruption vulnerability is triggered, allowing the attacker to crash the application, read sensitive design files, or run commands on the workstation with the user's privileges.
Prerequisites
- User interaction required: engineer must open a malicious CAD file in Solid Edge
- Attacker must know or guess file formats the target uses (X_B, DWG, DXF, STL, STP, SLDPRT, PAR)
- Malicious file must be delivered to the user (email, USB, file share)
User interaction requiredLow attack complexityCAD files commonly shared via emailNo public exploit available yetPotentially no fix available for SE2022 all versions
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (3)
3 with fix
ProductAffected VersionsFix Status
Solid Edge SE2022<V222.0MP12222.0MP12
Solid Edge SE2023<V223.0Update2223.0Update2
Solid Edge SE2022All versionsV2210 Update12
Remediation & Mitigation
0/5
Do now
0/1WORKAROUNDDo not open CAD files (X_B, DWG, DXF, STL, STP, SLDPRT, PAR) from untrusted sources until patched
Schedule — requires maintenance window
0/2Patching may require device reboot — plan for process interruption
Solid Edge SE2022
HOTFIXUpdate Solid Edge SE2022 to V2210 Update12 or later
Solid Edge SE2023
HOTFIXUpdate Solid Edge SE2023 to V2023 Update2 or later
Long-term hardening
0/2HARDENINGEducate users on social engineering and email phishing to reduce risk of malicious file delivery
HARDENINGImplement network access controls and restrict outbound connections from engineering workstations
CVEs (37)
CVE-2021-32936CVE-2021-32938CVE-2021-32948CVE-2021-43336CVE-2021-43391CVE-2022-46345CVE-2022-46346CVE-2022-46347CVE-2022-46348CVE-2022-46349CVE-2023-22295CVE-2023-22321CVE-2023-22354CVE-2023-22669CVE-2023-22670CVE-2023-22846CVE-2023-23579CVE-2023-24549CVE-2023-24550CVE-2023-24551CVE-2023-24552CVE-2023-24553CVE-2023-24554CVE-2023-24555CVE-2023-24556CVE-2023-24557CVE-2023-24558CVE-2023-24559CVE-2023-24560CVE-2023-24561CVE-2023-24562CVE-2023-24563CVE-2023-24564CVE-2023-24565CVE-2023-24566CVE-2023-24581CVE-2023-25140
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/106e4a7f-8b28-4b52-92e2-8c4f94a39b2f