Step Tools Third-Party

Low Risk2.2ICS-CERT ICSA-23-068-04Mar 29, 2023

Attack VectorLocal

Auth RequiredLow

ComplexityHigh

User InteractionRequired

Summary

STEPTools v18.1 ifcmesh library contains a null pointer dereference (CWE-476) that causes a denial of service when reading a specially constructed file. The vulnerability requires local access and user interaction to trigger.

What this means

What could happen

An attacker could crash the STEPTools application by providing a malicious file, preventing legitimate users from processing CAD/BIM models until the application is restarted.

Who's at risk

Engineering teams and design professionals who use STEPTools for CAD/BIM model processing, including infrastructure design firms, architectural practices, and utility planning departments that work with IFC (Building Information Modeling) or mesh file formats.

How it could be exploited

An attacker must place a specially crafted file (likely a malformed IFC or mesh file) on a system where a user with access to STEPTools will open it. When the user opens the file in the application, the null pointer dereference triggers, crashing the application.

Prerequisites

Local file system access or ability to deliver file to target user
User must open the malicious file in STEPTools application
STEPTools v18.1 must be installed

Requires user interaction to triggerLow complexity attackCauses application crash only (denial of service)No known public exploits

Exploitability

Low exploit probability (EPSS 0.0%)

Affected products (1)

ProductAffected VersionsFix Status

STEPTools v18SP1 ifcmesh library: (v18.1)18.118.102

Remediation & Mitigation

0/3

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate STEPTools to version 18.102 or later

Long-term hardening

0/2

HARDENINGImplement file validation and sandboxing for untrusted CAD/mesh files before opening in STEPTools

HARDENINGRestrict file import sources to trusted suppliers and validate file integrity when possible

CVEs (1)

CVE-2023-0973

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/0c69e8fa-9946-4b03-9ac5-a91110435ba3