OTPulse

Siemens Solid Edge SE2023

Plan Patch | CVSS 7.8 | ICS-CERT ICSA-23-222-11 | Aug 8, 2023
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Solid Edge SE2023 contains memory corruption vulnerabilities (CWE-787 buffer overflow, CWE-125 out-of-bounds read) in its file parsing routines. The vulnerabilities are triggered when the application opens specially crafted files in DFT, PAR, or PSM format. Successful exploitation requires user interaction (opening a malicious file) and could result in an application crash or arbitrary code execution with the privileges of the user running Solid Edge.

What this means
What could happen
An attacker could cause Solid Edge to crash or execute arbitrary code if a user opens a malicious CAD file. In an engineering environment, this could disrupt design workflows or allow an attacker to modify CAD models before they are sent to manufacturing systems.
Who's at risk
Design engineers and CAD operators using Solid Edge SE2023 in manufacturing, automotive, aerospace, or product design facilities. Anyone receiving CAD files from external sources (suppliers, partners, customers) is at risk if they open files in the affected version.
How it could be exploited
An attacker creates a malicious DFT, PAR, or PSM file and tricks a design engineer into opening it in Solid Edge (via email, file share, or social engineering). When the file is opened, the memory corruption vulnerability is triggered, allowing the attacker to crash the application or execute arbitrary code with the privileges of the engineer's user account.
Prerequisites
  • User must open a malicious file with Solid Edge (social engineering required)
  • The malicious file must be in DFT, PAR, or PSM format
  • No network access required; exploitation occurs locally on the engineering workstation
Low complexity attack | User interaction required (file open) | Default behavior exploited | Affects engineering design systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Solid Edge SE2023 | < V223.0 Update 7 | 223.0 Update 7
Remediation & Mitigation
Do now
WORKAROUND: Avoid opening untrusted or unexpected files (DFT, PAR, PSM) from unknown sources in Solid Edge
WORKAROUND: Educate design staff on email security and phishing risks; do not click links or open attachments in unsolicited email
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Solid Edge SE2023 to version 223.0 Update 7 or later
Long-term hardening
HARDENING: Implement network segmentation to isolate engineering workstations from manufacturing systems and external networks