Siemens Questa and ModelSim

Monitor6.7ICS-CERT ICSA-25-044-10Feb 11, 2025

Attack VectorLocal

Auth RequiredLow

ComplexityHigh

User InteractionRequired

Summary

Questa and ModelSim (including OEM editions) are affected by a local code injection and privilege escalation vulnerability. A local attacker with limited privileges and user interaction can inject arbitrary code and escalate to higher privileges. The vulnerability has high attack complexity. Siemens has released patched versions (2025.1 or later).

What this means

What could happen

An attacker with local access to a simulation workstation could run malicious code with elevated privileges, potentially compromising the integrity of design verification workflows or gaining access to sensitive intellectual property stored on engineering systems.

Who's at risk

This affects design and simulation engineers who use ModelSim or Questa for FPGA and ASIC verification workflows. This is primarily a concern for utilities and manufacturers with in-house hardware design capability. The risk is to engineering workstations and intellectual property rather than live operational systems.

How it could be exploited

An attacker must have local user-level access to a workstation running ModelSim or Questa. They must trick or socially engineer a privileged user into performing a specific action (likely opening a malicious file or project). The attacker's injected code then executes with the elevated privileges of that user.

Prerequisites

Local user account access on the affected workstation
Limited user-level privileges (not admin)
User interaction required (user must perform an action like opening a file or project)
ModelSim or Questa installed and running

Local attack only (not remotely exploitable)User interaction requiredHigh attack complexityPrivilege escalation possibleAffects engineering/design tools (not direct OT equipment)

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

ModelSim<V2025.12025.1

Questa<V2025.12025.1

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDEducate users on social engineering risks; emphasize not opening untrusted files or projects from external sources

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

ModelSim

HOTFIXUpdate ModelSim to version 2025.1 or later

Questa

HOTFIXUpdate Questa to version 2025.1 or later

Long-term hardening

0/2

ModelSim

HARDENINGRestrict local access to engineering workstations running ModelSim/Questa; limit user accounts to those who need simulation tools

All products

HARDENINGSegment engineering workstations from operational networks and isolate from internet access

CVEs (1)

CVE-2024-53977

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e18856b4-4d4b-405e-9b19-ba055705b7ed