OTPulse
FeedAboutContact

Siemens Solid Edge

Plan Patch7.8ICS-CERT ICSA-24-074-02Mar 12, 2024
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Solid Edge is affected by an out-of-bounds read vulnerability triggered when opening malicious files containing XT parts. If a user opens a crafted file, an attacker can leverage the vulnerability to execute arbitrary code in the context of the current Solid Edge process. Siemens has released updates for SE2023 (version 223.0 Update 11 and later) and SE2024 (version 224.0 Update 3 and later) that correct this issue.

What this means
What could happen
An attacker can trick an engineer into opening a malicious XT parts file, leading to remote code execution with full access to the engineer's workstation, potentially allowing modification of designs or introduction of malicious changes into manufacturing workflows.
Who's at risk
Engineering and design staff using Siemens Solid Edge CAD software should care about this vulnerability. It primarily affects design workstations where engineers create or review parts and assemblies. Manufacturing facilities that receive design files from external suppliers or contractors are at higher risk if those files are opened in affected Solid Edge versions.
How it could be exploited
An attacker crafts a malicious XT parts file (Solid Edge file format) and sends it to an engineer via email or file sharing. When the engineer opens the file in Solid Edge without realizing it is malicious, the out-of-bounds read vulnerability is triggered, causing memory corruption that the attacker can exploit to execute arbitrary code in the context of the Solid Edge process running under the engineer's account.
Prerequisites
  • User must open a malicious XT parts file using an affected version of Solid Edge
  • Social engineering required to convince user to open file
  • File must contain crafted XT parts designed to trigger the vulnerability
social engineering required (user must open file)affects engineering workstations (access to design intellectual property)no public exploitation reportednot remotely exploitable (requires local file access)
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Solid Edge SE2023<V223.0 Update 11223.0 Update 11
Solid Edge SE2024<V224.0 Update 3224.0 Update 3
Remediation & Mitigation
0/5
Do now
0/1
WORKAROUNDDo not open untrusted XT parts files from external sources
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

Solid Edge SE2023
HOTFIXUpdate Solid Edge SE2023 to version 223.0 Update 11 or later
Solid Edge SE2024
HOTFIXUpdate Solid Edge SE2024 to version 224.0 Update 3 or later
Long-term hardening
0/2
HARDENINGImplement network segmentation to isolate engineering workstations from the internet and restrict file transfer capabilities
HARDENINGEstablish file handling procedures: validate file sources and use email filtering to block unexpected XT file attachments from external senders
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/7639c592-573e-4793-a993-c1c5cd814f39
Siemens Solid Edge | CVSS 7.8 - OTPulse