Siemens Parasolid

Plan: Patch | CVSS 7.8 | ICS-CERT ICSA-24-347-04 | Dec 10, 2024
Vendor: Siemens

Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Parasolid and Solid Edge are affected by an out-of-bounds write vulnerability (CWE-787) triggered when opening malicious PAR format files. If a user is tricked into opening a specially crafted PAR file, an attacker could achieve remote code execution in the context of the current process. Siemens has released patched versions for all affected products.

What this means
What could happen
An attacker who tricks a user into opening a malicious PAR file could execute arbitrary code on the engineering workstation running Parasolid or Solid Edge, potentially compromising CAD designs, manufacturing processes, or the workstation itself.
Who's at risk
CAD engineers and design teams using Solid Edge SE2024, SE2025, or Parasolid (versions 36.1, 37.0, 37.1) on engineering workstations. Organizations in manufacturing, automotive, aerospace, and product design that rely on Parasolid-based CAD tools should treat this as a workstation security risk.
How it could be exploited
An attacker creates a malicious PAR (Parasolid) format file and tricks a user into opening it in Solid Edge or Parasolid (via email, file sharing, or social engineering). When the file is loaded, the out-of-bounds write vulnerability is triggered, allowing the attacker to run commands in the context of the application user.
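The bug class behind this advisory is an out-of-bounds write (CWE-787) in a file parser. The following added example (not Siemens' code, and using a constructed toy record format rather than the real PAR format) shows the two checks a loader must make on a length field taken from the file before copying: the length must not exceed the bytes actually present, and it must not exceed the destination buffer's capacity. NAME_CAP, record_t and the sample_* helpers are assumptions for this illustration.

```c
#include <stdint.h>
#include <string.h>

#define NAME_CAP 32   /* fixed-size destination the parser fills */

/* Constructed toy record layout, NOT Parasolid's PAR format:
 * byte 0: tag | bytes 1-2: payload length, little-endian | payload bytes */
typedef struct { uint8_t tag; uint16_t len; char name[NAME_CAP]; } record_t;
enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_TOO_LONG = -2 };

/* Hardened parser: the length read from the file is validated against the
 * bytes actually present AND the destination capacity before memcpy.
 * Skipping the capacity check is the CWE-787 out-of-bounds write pattern. */
int parse_record(const uint8_t *buf, size_t buflen, record_t *out)
{
    if (buflen < 3) return PARSE_TRUNCATED;
    uint16_t len = (uint16_t)(buf[1] | (buf[2] << 8));
    if (len > buflen - 3) return PARSE_TRUNCATED;  /* header overstates size */
    if (len >= NAME_CAP) return PARSE_TOO_LONG;    /* would overflow name[] */
    out->tag = buf[0];
    out->len = len;
    memcpy(out->name, buf + 3, len);
    out->name[len] = '\0';
    return PARSE_OK;
}

/* Constructed sample inputs (not taken from any real file). */
int sample_valid(record_t *r)
{
    const uint8_t f[] = {0x01, 0x05, 0x00, 'B', 'l', 'o', 'c', 'k'};
    return parse_record(f, sizeof f, r);
}
int sample_lying_length(record_t *r)
{
    const uint8_t f[] = {0x01, 0xFF, 0xFF, 'x'};   /* claims 65535 bytes */
    return parse_record(f, sizeof f, r);
}
int sample_oversize(record_t *r)
{
    uint8_t f[3 + 40] = {0x02, 40, 0x00};   /* 40-byte payload > NAME_CAP */
    memset(f + 3, 'A', 40);
    return parse_record(f, sizeof f, r);
}
```

A file whose header overstates its payload length is rejected as truncated, and one whose payload is larger than the destination is rejected before any byte is written.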
Prerequisites
  • User interaction required (victim must open a malicious PAR file)
  • Access to deliver the file to the target user (email, file share, or removable media)
Tags: user interaction required (reduces risk); local exploitation only (not remotely exploitable); out-of-bounds write (CWE-787); affects engineering design systems
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (5), 5 with fix

Product             Affected Versions                 Fixed Version
Solid Edge SE2024   All versions < V224.0 Update 12   224.0 Update 12
Solid Edge SE2025   All versions < V225.0 Update 3    225.0 Update 3
Parasolid V36.1     < V36.1.225                       36.1.225
Parasolid V37.0     < V37.0.173                       37.0.173
Parasolid V37.1     < V37.1.109                       37.1.109
Remediation & Mitigation

Do now
WORKAROUND: Disable opening of PAR files from untrusted sources; implement file extension filtering and user training to block suspicious file delivery.

Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption.

Solid Edge SE2024
HOTFIX: Update Solid Edge SE2024 to Version 224.0 Update 12 or later
Solid Edge SE2025
HOTFIX: Update Solid Edge SE2025 to Version 225.0 Update 3 or later
Parasolid V36.1
HOTFIX: Update Parasolid V36.1 to version 36.1.225 or later
Parasolid V37.0
HOTFIX: Update Parasolid V37.0 to version 37.0.173 or later
Parasolid V37.1
HOTFIX: Update Parasolid V37.1 to version 37.1.109 or later

Long-term hardening
HARDENING: Restrict file access on engineering workstations to read-only for CAD design folders unless modification is required.

Siemens Parasolid | CVSS 7.8 - OTPulse