Multiple File Parsing Vulnerabilities in Simcenter Femap before V2406
Plan Patch | 7.8 | SSA-064222 | Jul 9, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Simcenter Femap before V2406 contains multiple file parsing vulnerabilities in IGS, BDF, and BMP file format handlers. When a user opens a malicious file in one of these formats, the application may crash due to buffer overflow (CWE-125, CWE-787), type confusion (CWE-843), or other memory safety issues (CWE-119, CWE-121). Exploitation requires user interaction to open the file.
What this means
What could happen
An attacker could trick a user into opening a malicious CAD/design file (IGS, BDF, or BMP format), causing the application to crash or potentially execute arbitrary code with the privileges of the user running Simcenter Femap.
Who's at risk
Engineering teams and CAD specialists who use Siemens Simcenter Femap for mechanical design, finite element analysis, and CAD modeling. This affects any workstations running Femap versions before V2406 that process engineering design files.
How it could be exploited
An attacker crafts a malicious file in IGS, BDF, or BMP format and tricks an engineer into opening it in Simcenter Femap. The parsing flaw in the file handler causes a buffer overflow or type confusion, allowing code execution or application crash.
Prerequisites
- User must open a malicious file in IGS, BDF, or BMP format
- Simcenter Femap must be running on the user's workstation
- Simcenter Femap version prior to V2406
user-triggered (requires social engineering to open malicious file) | affects engineering workstations | potential for code execution | low EPSS score (0.2%, not actively exploited)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
Simcenter Femap | <V2406 | 2406
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Simcenter Femap to version V2406 or later
CVEs (15)