Siemens Xpedition Layout Browser

Plan Patch7.8ICS-CERT ICSA-23-285-04Oct 10, 2023

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens Xpedition Layout Browser contains a stack overflow vulnerability (CWE-121) that is triggered when the application reads a malicious PCB-format file. If a user opens a crafted PCB file, the application could crash or allow arbitrary code execution with the user's privileges. The vulnerability affects Xpedition Layout Browser versions before VX.2.14. Siemens has released a fix in version VX.2.14 and later.

What this means

What could happen

A user tricked into opening a malicious PCB file in Xpedition Layout Browser could experience application crashes or arbitrary code execution on their engineering workstation, potentially compromising design data or enabling attacker access to the plant network if the workstation is connected.

Who's at risk

Engineering teams using Siemens Xpedition Layout Browser for PCB design and layout work should be aware of this risk. The vulnerability primarily affects individual workstations running the software; however, if engineering workstations are networked with plant control systems or design repositories, a compromised workstation could become an attack foothold.

How it could be exploited

An attacker creates a malicious PCB format file and tricks a user (via email, file sharing, or social engineering) into opening it with Xpedition Layout Browser. The application's stack overflow vulnerability triggers when parsing the file, causing either a crash or allowing arbitrary code to run with the user's privileges on the engineering workstation.

Prerequisites

User must open a malicious PCB file with Xpedition Layout Browser
Attacker must successfully socially engineer the user to open the file
Xpedition Layout Browser version before VX.2.14

Local exploitation only (no remote access)User interaction required (file must be opened)Low complexity attackEngineering workstation compromise riskSocial engineering attack vector

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (1)

ProductAffected VersionsFix Status

Xpedition Layout Browser<VX.2.14VX.2.14

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDDo not open PCB files from untrusted sources or unsolicited communications

HARDENINGDo not click web links or open attachments in unsolicited email messages

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Xpedition Layout Browser to version VX.2.14 or later

Long-term hardening

0/1

HARDENINGImplement network access controls and protect engineering workstations with appropriate security mechanisms

CVEs (1)

CVE-2023-30900

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/4466d6bd-c742-4e21-93ee-1ceb122ee05a