OTPulse

Siemens Parasolid

Plan Patch · 7.8 · ICS-CERT ICSA-24-046-13 · Feb 13, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Parasolid is affected by out-of-bounds read and null pointer dereference vulnerabilities triggered when opening malicious XT format files. If a user opens a specially crafted XT file, an attacker could execute code in the context of the Parasolid process. These vulnerabilities are not remotely exploitable and require user interaction to open a malicious file.

What this means
What could happen
An attacker could execute arbitrary code in the context of a user running Parasolid if they convince the user to open a malicious XT file, potentially compromising the engineering workstation and design data.
Who's at risk
Engineering and CAD teams using Parasolid on design workstations. This affects companies in manufacturing, automotive, aerospace, and any sector relying on Parasolid for 3D solid modeling and product design. Particularly critical for teams that receive design files from external contractors or customers.
How it could be exploited
An attacker crafts a malicious XT format file targeting the out-of-bounds read or null pointer dereference vulnerabilities. When a user opens this file in a vulnerable version of Parasolid, the memory corruption vulnerabilities are triggered, allowing code execution within the Parasolid process.
Prerequisites
  • User interaction required—target must open a malicious XT file
  • Vulnerable version of Parasolid must be installed and in use
  • User interaction required
  • Low attack complexity
  • High impact (code execution on engineering workstation)
  • Affects design data integrity
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (5)
5 with fix
Product            Affected Versions    Fix Status
Parasolid V35.0    <V35.0.263           35.0.263
Parasolid V35.0    <V35.0.251           35.0.251
Parasolid V35.1    <V35.1.252           35.1.252
Parasolid V35.1    <V35.1.170           35.1.170
Parasolid V36.0    <V36.0.198           36.0.198
Remediation & Mitigation
Do now
WORKAROUND: Do not open untrusted or unexpected XT files in Parasolid; establish a policy to validate file sources before opening design files
HARDENING: Educate users and design teams to be cautious of unsolicited XT files, especially from external sources or email
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Parasolid V35.0
HOTFIX: Update Parasolid V35.0 to version 35.0.263 or later
Parasolid V35.1
HOTFIX: Update Parasolid V35.1 to version 35.1.252 or later
Parasolid V36.0
HOTFIX: Update Parasolid V36.0 to version 36.0.198 or later
Long-term hardening
HARDENING: Restrict network access to engineering workstations running Parasolid using firewall rules and segmentation