Siemens Teamcenter Visualization

Plan Patch | CVSS 7.8 | ICS-CERT ICSA-25-135-06 | May 13, 2025
Siemens
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Siemens Teamcenter Visualization contains an out-of-bounds read vulnerability in WRL file parsing. If a user opens a malicious WRL file, the application may crash or potentially execute arbitrary code. Affected versions: V14.3 before 14.3.0.14, V2312 before 2312.0010, V2406 before 2406.0008, V2412 before 2412.0004.

What this means
What could happen
An attacker could trick a user into opening a malicious WRL file, causing the Teamcenter Visualization application to crash and disrupt design/engineering workflows, or potentially execute arbitrary code on the engineering workstation.
Who's at risk
Engineering and design teams using Siemens Teamcenter Visualization for CAD/CAM work in manufacturing, process industries, utilities, and infrastructure sectors. This affects workstations running the vulnerable visualization software, not OT field devices directly, but could compromise engineering workstations that manage or configure control system designs.
How it could be exploited
An attacker crafts a malicious WRL file and tricks an engineer into opening it in Teamcenter Visualization (via email, file sharing, or social engineering). The vulnerable file parser reads out-of-bounds memory, triggering a crash or code execution on the engineering workstation.
Prerequisites
  • User interaction required: engineer must open a malicious WRL file in an affected version of Teamcenter Visualization
requires user interaction to open malicious file
affects engineering/design workstations that may access OT systems
low exploit complexity once file is opened
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (4)
4 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| Teamcenter Visualization V14.3 | < V14.3.0.14 | 14.3.0.14 |
| Teamcenter Visualization V2312 | < V2312.0010 | 2312.0010 |
| Teamcenter Visualization V2406 | < V2406.0008 | 2406.0008 |
| Teamcenter Visualization V2412 | < V2412.0004 | 2412.0004 |
Remediation & Mitigation
Do now
WORKAROUND: Instruct users not to open WRL files from untrusted sources in Teamcenter Visualization
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Teamcenter Visualization V14.3
HOTFIX: Update Teamcenter Visualization V14.3 to version 14.3.0.14 or later
Teamcenter Visualization V2312
HOTFIX: Update Teamcenter Visualization V2312 to version 2312.0010 or later
Teamcenter Visualization V2406
HOTFIX: Update Teamcenter Visualization V2406 to version 2406.0008 or later
Teamcenter Visualization V2412
HOTFIX: Update Teamcenter Visualization V2412 to version 2412.0004 or later
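
To triage a software inventory against the fixed versions listed above, the following added example (not part of the advisory or any Siemens tooling) classifies reported version strings per release line. It assumes version components compare numerically (so 2312.0009 is older than 2312.0010); the host names and inventory rows are constructed.

```python
import re

# Fixed version per release line, copied from the advisory's table.
FIXED = {
    "14.3": "14.3.0.14",
    "2312": "2312.0010",
    "2406": "2406.0008",
    "2412": "2412.0004",
}

def parse(version):
    """Turn 'V2312.0009' or '14.3.0.9' into a tuple of ints; None if malformed."""
    text = version.strip().lstrip("Vv")
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))

def release_line(parts):
    """Map a parsed version to a FIXED key: 14.3.x.y -> '14.3', 2312.x -> '2312'."""
    for key in FIXED:
        prefix = parse(key)
        if parts[:len(prefix)] == prefix:
            return key
    return None

def triage(version):
    """Return 'affected', 'fixed' or 'unknown' for one reported version string."""
    parts = parse(version)
    line = release_line(parts) if parts else None
    if line is None:
        return "unknown"  # malformed, or a release line the advisory does not list
    fixed = parse(FIXED[line])
    # Pad with zeros so a bare '2412' compares as 2412.0 against 2412.4.
    width = max(len(parts), len(fixed))
    pad = lambda t: t + (0,) * (width - len(t))
    return "affected" if pad(parts) < pad(fixed) else "fixed"

def report(inventory):
    """Classify every (host, version) row of an inventory."""
    return {host: triage(version) for host, version in inventory}

# Constructed sample inventory (hypothetical hosts and versions).
INVENTORY = [
    ("eng-ws-01", "V14.3.0.13"), ("eng-ws-02", "14.3.0.14"),
    ("eng-ws-03", "2312.0009"), ("eng-ws-04", "V2406.0008"),
    ("eng-ws-05", "2412"), ("eng-ws-06", "not installed"),
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" need a manual check, since the advisory only covers the four listed release lines.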
Long-term hardening
HARDENING: Implement email security controls to block or warn on WRL file attachments and suspicious file transfers