Siemens Teamcenter Visualization
Plan Patch | 7.8 | ICS-CERT ICSA-25-135-06 | May 13, 2025
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Siemens Teamcenter Visualization contains an out-of-bounds read vulnerability in the WRL (VRML) file format parser. When a user opens a malicious WRL file, the vulnerability can cause the application to crash or potentially allow arbitrary code execution. The vulnerability affects Teamcenter Visualization V14.3 (before 14.3.0.14), V2312 (before 2312.0010), V2406 (before 2406.0008), and V2412 (before 2412.0004). Siemens has released patched versions for all affected product lines.
What this means
What could happen
An attacker could trick an operator into opening a malicious WRL file in Teamcenter Visualization, causing the application to crash or potentially executing arbitrary code on the engineering workstation. This could disrupt design review workflows or compromise the workstation itself.
Who's at risk
Design engineers and CAD operators who use Siemens Teamcenter Visualization for 3D model viewing and design review. This affects engineering workstations running affected versions of Teamcenter Visualization V14.3, V2312, V2406, or V2412.
How it could be exploited
An attacker sends or hosts a malicious WRL (VRML) file and tricks a user into opening it with Teamcenter Visualization. The out-of-bounds read vulnerability in the WRL file parser triggers when the file is loaded, potentially crashing the application or allowing code execution with the privileges of the user running the application.
Prerequisites
- User must open a malicious WRL file in Teamcenter Visualization
- No network access required; exploitation occurs locally when file is opened
- No special credentials or authentication required
- User interaction required (must click/open the file)
- Low complexity attack
- User interaction required
- Affects engineering/design workstations
- Could lead to arbitrary code execution on workstation
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 with fix
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| Teamcenter Visualization V14.3 | < V14.3.0.14 | 14.3.0.14 |
| Teamcenter Visualization V2312 | < V2312.0010 | 2312.0010 |
| Teamcenter Visualization V2406 | < V2406.0008 | 2406.0008 |
| Teamcenter Visualization V2412 | < V2412.0004 | 2412.0004 |
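The following is an added example, not part of the advisory or of any Siemens tooling: a triage script that compares installed versions against the fixed versions in the table above. It assumes versions are reported in the same dotted form the advisory uses; the hostnames and installed versions are constructed sample data. Components are compared as integers, because a plain string comparison would rank 14.3.0.9 above 14.3.0.14.

```python
import re

# Fixed versions per product line, taken from the advisory's affected-products table.
FIXED = {
    "V14.3": "14.3.0.14",
    "V2312": "2312.0010",
    "V2406": "2406.0008",
    "V2412": "2412.0004",
}

def parse_version(text):
    """Turn '2312.0010' or 'V14.3.0.14' into a tuple of ints, e.g. (2312, 10)."""
    text = text.strip().lstrip("Vv")
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in text.split("."))

def product_line(version):
    """Map a parsed version to the advisory's product line, or None if not listed."""
    for line in FIXED:
        prefix = parse_version(line)
        if version[:len(prefix)] == prefix:
            return line
    return None

def triage(installed):
    """Return 'vulnerable', 'fixed', 'not-listed' or 'unparseable' for one version string."""
    try:
        version = parse_version(installed)
    except ValueError:
        return "unparseable"
    line = product_line(version)
    if line is None:
        return "not-listed"  # the advisory makes no statement about this line
    return "vulnerable" if version < parse_version(FIXED[line]) else "fixed"

INVENTORY = [  # constructed sample data: (hostname, reported version)
    ("eng-ws-01", "14.3.0.9"), ("eng-ws-02", "14.3.0.14"),
    ("eng-ws-03", "2312.0009"), ("eng-ws-04", "V2406.0008"),
    ("eng-ws-05", "9999.0001"), ("eng-ws-06", "unknown"),
]

def report(inventory):
    return {host: triage(version) for host, version in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as not-listed or unparseable need manual review rather than being treated as safe.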
Remediation & Mitigation
Do now
WORKAROUND: Do not open untrusted WRL files in affected Teamcenter Visualization applications
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Teamcenter Visualization V14.3
HOTFIX: Update Teamcenter Visualization V14.3 to version 14.3.0.14 or later
Teamcenter Visualization V2312
HOTFIX: Update Teamcenter Visualization V2312 to version 2312.0010 or later
Teamcenter Visualization V2406
HOTFIX: Update Teamcenter Visualization V2406 to version 2406.0008 or later
Teamcenter Visualization V2412
HOTFIX: Update Teamcenter Visualization V2412 to version 2412.0004 or later
Long-term hardening
HARDENING: Implement network segmentation to isolate engineering workstations from the internet and untrusted networks
HARDENING: Educate users to avoid opening unsolicited WRL files or files from untrusted sources
CVEs (1)