Siemens Simcenter Nastran

Plan Patch7.8ICS-CERT ICSA-24-284-02Oct 8, 2024

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Simcenter Nastran contains memory corruption vulnerabilities in BDF file parsing. When a user opens a malicious BDF file, the application may crash or allow arbitrary code execution. Affected versions include Nastran 2306 (all versions), 2312 (all versions), and 2406 versions prior to 2406.5000. A fix is available for 2406 but no fixes are planned for 2306 and 2312 versions. The vulnerability requires user interaction (opening a file) and is not remotely exploitable. Siemens recommends updating where available and avoiding opening untrusted BDF files.

What this means

What could happen

If an operator opens a malicious BDF design file in Simcenter Nastran, the application could crash, interrupting engineering analysis work, or an attacker could execute arbitrary code on the engineering workstation.

Who's at risk

Engineering and design teams using Siemens Simcenter Nastran for finite element analysis and structural simulation. This affects engineering workstations and design environments at organizations using Nastran for mechanical design, aerospace, or automotive analysis.

How it could be exploited

An attacker must trick a user into opening a malicious BDF (Bulk Data Format) file with Simcenter Nastran. The file triggers a memory corruption vulnerability when parsed, causing application crash or code execution with the privileges of the user running the application.

Prerequisites

User must open a malicious BDF file in Simcenter Nastran
Social engineering or phishing email delivery of malicious file
Affected version of Simcenter Nastran must be installed

Requires user interaction (file opening)No authentication requiredAffects engineering workstation not directly connected to operationsMemory corruption vulnerabilityArbitrary code execution possible

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (3)

1 with fix2 EOL

ProductAffected VersionsFix Status

Simcenter Nastran 2406<V2406.50002406.5000

Simcenter Nastran 2306All versionsNo fix (EOL)

Simcenter Nastran 2312All versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDDo not open untrusted or unsolicited BDF files from external sources

HARDENINGProvide user awareness training on recognizing phishing emails and social engineering attempts that deliver malicious files

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

Simcenter Nastran 2406

HOTFIXUpdate Simcenter Nastran 2406 to version 2406.5000 or later

All products

HARDENINGImplement email gateway controls to block suspicious attachments or warn users on file types commonly used for delivery (BDF files or CAD designs)

CVEs (2)

CVE-2024-41981 CVE-2024-47046

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/5b4b8c83-5819-473f-975c-8d9884f57161