Siemens Solid Edge SE2024
Plan Patch
CVSS: 7.8
ICS-CERT: ICSA-24-347-07
Date: Dec 10, 2024
Vendor: Siemens
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Siemens Solid Edge SE2024 is affected by multiple file parsing vulnerabilities (CWE-122, CWE-191) in the handling of PAR and ASM files. A malicious PAR or ASM file opened by a user could cause the application to crash or lead to arbitrary code execution. CVE-2024-54093 and CVE-2024-54094 affect ASM file parsing; CVE-2024-54094 and CVE-2024-54095 affect PAR file parsing.
What this means
What could happen
An attacker could craft a malicious PAR or ASM file that, when opened in Solid Edge, causes the application to crash or executes arbitrary code with user privileges. This affects design workflows and could allow an attacker to compromise the engineering workstation.
Who's at risk
Engineering and design teams using Siemens Solid Edge SE2024 for CAD/CAM work are affected. This includes mechanical design departments, manufacturing engineers, and any organization that processes design files (PAR or ASM) from external or untrusted sources.
How it could be exploited
An attacker sends a malicious PAR or ASM file to an engineer or designer. When the user opens the file in Solid Edge SE2024, the vulnerable parser reads the malformed file structure, triggering a heap-based buffer overflow (CWE-122) or integer underflow (CWE-191) condition that executes attacker code.
Prerequisites
- User interaction required to open malicious file
- User has Solid Edge SE2024 installed at a version below V224.0 Update 5 (ASM parsing fixes) or below V224.0 Update 10 (PAR parsing fixes)
- Attacker must deliver the malicious file to the user (email, file share, etc.)
- Low complexity exploitation
- User interaction required
- No authentication required to open files
- Could lead to arbitrary code execution
Exploitability
Unlikely to be exploited — EPSS score 0.2%
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
Solid Edge SE2024 | < V224.0 Update 5 | V224.0 Update 5
Solid Edge SE2024 | < V224.0 Update 10 | V224.0 Update 10
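The two fix lines above have different thresholds, so a workstation on Update 5 is patched against the ASM-parsing CVEs but still exposed to the PAR-parsing ones. The following triage helper, added here as an example and not part of the advisory or any Siemens tooling, parses version strings in the advisory's "V224.0 Update N" form and reports which fix lines are still outstanding for each host in a constructed inventory. The inventory contents and host names are made up for illustration; the thresholds and CVE groupings are taken from this advisory.

```python
import re

# Fix thresholds taken from this advisory's affected-products table:
# ASM parsing CVEs (CVE-2024-54093, CVE-2024-54094) are fixed in V224.0 Update 5;
# PAR parsing CVEs (CVE-2024-54094, CVE-2024-54095) are fixed in V224.0 Update 10.
FIX_LINES = {
    "ASM": ((224, 0, 5), ("CVE-2024-54093", "CVE-2024-54094")),
    "PAR": ((224, 0, 10), ("CVE-2024-54094", "CVE-2024-54095")),
}

# Accepts "V224.0 Update 5", "224.0 Update 5" or a bare "V224.0" (no update applied).
_VERSION_RE = re.compile(r"^V?(\d+)\.(\d+)(?:\s+Update\s+(\d+))?$", re.IGNORECASE)


def parse_version(text):
    """Turn a Solid Edge version string into a (major, minor, update) tuple.

    Integers are used so that Update 10 compares greater than Update 5;
    comparing the raw strings would get this wrong ("10" < "5").
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Solid Edge version string: {text!r}")
    major, minor, update = m.groups()
    return (int(major), int(minor), int(update or 0))


def outstanding_fixes(installed):
    """Return {file_type: [CVE, ...]} for fix lines not yet applied on `installed`.

    This advisory covers only the SE2024 (V224.x) line, so any other major
    version returns an empty dict rather than a guess.
    """
    v = parse_version(installed)
    if v[0] != 224:
        return {}
    result = {}
    for file_type, (fixed_in, cves) in FIX_LINES.items():
        if v < fixed_in:
            result[file_type] = list(cves)
    return result


def triage_inventory(inventory):
    """Map each host to its outstanding fix lines; hosts that are fully patched are omitted."""
    report = {}
    for host, version in inventory.items():
        pending = outstanding_fixes(version)
        if pending:
            report[host] = pending
    return report


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {
    "cad-ws-01": "V224.0 Update 4",   # both fix lines missing
    "cad-ws-02": "V224.0 Update 5",   # ASM fixed, PAR still exposed
    "cad-ws-03": "V224.0 Update 10",  # fully patched for this advisory
    "cad-ws-04": "V223.0 Update 12",  # SE2023, outside this advisory's scope
}

if __name__ == "__main__":
    for host, pending in triage_inventory(SAMPLE_INVENTORY).items():
        for file_type, cves in pending.items():
            needed = "V224.0 Update %d" % FIX_LINES[file_type][0][2]
            print(f"{host}: {file_type} parsing still exposed ({', '.join(cves)}); needs {needed}")
```

The per-file-type output is what makes the workaround list actionable: a host that only lacks Update 10 can keep handling ASM files but should still hold off on untrusted PAR files until it is patched.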
Remediation & Mitigation
Do now
- WORKAROUND: Do not open untrusted ASM files in affected versions of Solid Edge
- WORKAROUND: Do not open untrusted PAR files in affected versions of Solid Edge
Schedule (requires maintenance window)
Patching may require device reboot; plan for process interruption.
Solid Edge SE2024
- HOTFIX: Update Solid Edge SE2024 to V224.0 Update 5 or later
- HOTFIX: Update Solid Edge SE2024 to V224.0 Update 10 or later to address PAR file vulnerabilities
Long-term hardening
- HARDENING: Implement user training to avoid opening design files from untrusted sources
- HARDENING: Restrict file sharing from external networks and validate file sources before opening in engineering applications
API: /api/v1/advisories/8e041243-65ef-41ba-9dba-841416d15b75