Siemens Solid Edge

Plan Patch7.8ICS-CERT ICSA-23-131-01May 9, 2023

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Solid Edge SE2023 contains multiple memory corruption vulnerabilities (CWE-476, CWE-125, CWE-119, CWE-416) that can be triggered when the application reads specially crafted files in DWG, IFC, OBJ, or STP format. If a user is tricked into opening a malicious file, an attacker could crash the application or execute arbitrary code with the privileges of the user running Solid Edge.

What this means

What could happen

An attacker who tricks a user into opening a malicious file (DWG, IFC, OBJ, or STP format) could crash Solid Edge or execute arbitrary code on the workstation. This could compromise engineering data and the integrity of design files used in manufacturing and infrastructure projects.

Who's at risk

Engineering teams and design departments that use Siemens Solid Edge SE2023 to work with CAD files (DWG, IFC, OBJ, STP formats). This affects manufacturing companies, architecture/engineering firms, and infrastructure design teams that rely on Solid Edge for product design and modeling.

How it could be exploited

An attacker sends or hosts a specially crafted design file (DWG, IFC, OBJ, or STP) and convinces an engineer to open it in Solid Edge. When the file is opened, the memory corruption vulnerability is triggered, allowing the attacker to crash the application or run code with the permissions of the logged-in user.

Prerequisites

User interaction required: engineer must open a malicious file
Malicious file in one of these formats: DWG, IFC, OBJ, or STP
Solid Edge SE2023 version prior to V223.0 Update 2 or V223.0 Update 3
Local access (not remotely exploitable)

Requires user interaction (social engineering / phishing)Affects engineering workstations with design data accessMemory corruption vulnerabilities (crash or code execution)Multiple file format vectors (DWG, IFC, OBJ, STP)Not remotely exploitable but high local impact

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

Solid Edge SE2023<vers:/ V223.0 Update 2223.0 Update 2

Solid Edge SE2023<vers:/ V223.0 Update 3223.0 Update 3

Remediation & Mitigation

0/3

Do now

0/2

WORKAROUNDAvoid opening untrusted files (DWG, IFC, OBJ, STP) from unknown or unsolicited sources in Solid Edge

HARDENINGDo not click links or open attachments in unsolicited emails; verify file sources before opening in Solid Edge

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

Solid Edge SE2023

HOTFIXUpdate Solid Edge SE2023 to V223.0 Update 3 or later version

CVEs (4)

CVE-2023-0973 CVE-2023-30985 CVE-2023-30986 CVE-2023-39549

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/da702574-875f-4ea2-8426-9581987e1a95