OTPulse

Siemens Simcenter Amesim

Act Now · CVSS 9.8 · ICS-CERT ICSA-23-285-05 · Oct 10, 2023
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Simcenter Amesim versions prior to 2021.1 contain a vulnerable SOAP endpoint that allows unauthenticated remote attackers to perform DLL injection and execute arbitrary code in the context of the affected application process. The vulnerability is exposed through the application's web service interface.

What this means
What could happen
An attacker could remotely execute arbitrary commands on an engineering workstation running Simcenter Amesim, potentially compromising design files, simulation data, or using the workstation as a pivot point to access other systems on the network.
Who's at risk
Engineering and design teams using Simcenter Amesim for simulation and modeling work, particularly those running the software on networked workstations. Affected organizations include manufacturing, automotive, aerospace, and energy sectors that rely on Amesim for system modeling and analysis.
How it could be exploited
An attacker sends a specially crafted SOAP request to the vulnerable SOAP endpoint over the network without authentication. The request exploits a DLL injection flaw to execute arbitrary code, which runs with the privileges of the Simcenter Amesim application process.
Prerequisites
  • Network access to the Simcenter Amesim SOAP endpoint (typically port 80 or 443)
  • Simcenter Amesim application must be running and listening for SOAP requests
  • No valid credentials required
Remotely exploitable · No authentication required · Low complexity attack · High CVSS score (9.8) · SOAP endpoint directly accessible from network
Exploitability
Low exploit probability (EPSS 1.0%)
Affected products (1)
Product | Affected Versions | Fix Status
Simcenter Amesim | <V2021.1 | 2021.1
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to Simcenter Amesim SOAP endpoints using firewall rules; limit access to trusted engineering workstations only
WORKAROUND: Disable the SOAP endpoint if remote access is not required
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Simcenter Amesim to version 2021.1 or later
Long-term hardening
HARDENING: Place engineering workstations running Simcenter Amesim on a segmented network separate from business networks and production systems