Siemens Questa and ModelSim

MonitorCVSS 6.7ICS-CERT ICSA-25-044-10Feb 11, 2025

Siemens

Attack path

Attack VectorLocal

Auth RequiredLow

ComplexityHigh

User InteractionRequired

Summary

Questa and ModelSim (including OEM editions) contain a vulnerability (CWE-427) that allows a local attacker to inject arbitrary code and escalate privileges. The vulnerability requires local access to the system, user-level account privileges, and user interaction. Attack complexity is high. No public exploitation has been reported. Siemens has released version 2025.1 for both products to address this issue.

What this means

What could happen

A local attacker with user-level access could inject code into Questa or ModelSim processes and escalate to higher privileges, potentially compromising simulation and verification workflows used in chip design and FPGA development.

Who's at risk

Chip design and FPGA development teams using Questa or ModelSim for hardware simulation and verification. This affects organizations in semiconductor, electronics manufacturing, and embedded systems development sectors that rely on Siemens EDA tools for design workflows.

How it could be exploited

An attacker must have local access to the engineering workstation where Questa or ModelSim is running, and must perform a complex privilege escalation attack that involves code injection into the running process. This requires user interaction (the attacker cannot exploit the vulnerability unattended).

Prerequisites

Local access to the workstation running Questa or ModelSim
User-level account on the affected system
Ability to interact with the running application or trigger user action

Local exploitation requiredHigh attack complexityLow EPSS scoreRequires user interaction

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

ModelSim<V2025.12025.1

Questa<V2025.12025.1

Remediation & Mitigation

0/4

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

ModelSim

HOTFIXUpdate ModelSim to version 2025.1 or later

Questa

HOTFIXUpdate Questa to version 2025.1 or later

Long-term hardening

0/2

ModelSim

HARDENINGRestrict physical and network access to engineering workstations running Questa or ModelSim to authorized personnel only

All products

HARDENINGEnsure design and simulation systems are isolated from business networks and not directly accessible from the internet

CVEs (1)

CVE-2024-53977

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e18856b4-4d4b-405e-9b19-ba055705b7ed

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.