Nullsoft Scriptable Install System (NSIS) Vulnerability (CVE-2023-37378) in Parasolid Installer
CVSS base score: 7.8 (High)
Siemens advisory: SSA-116172
Published: Aug 8, 2023
Attack vector: Local
Privileges required: Low
Attack complexity: Low
User interaction: None
Summary
The uninstaller that the Nullsoft Scriptable Install System (NSIS) generates for Parasolid installers before V36 creates an uninstall directory with insufficient access-control permissions (CWE-732). A local user with a low-privileged account can plant or replace content in that directory and escalate privileges. Only systems on which Parasolid V35.0 or V35.1 was installed with the official installer are affected.
What this means
What could happen
An attacker with a local account on a Windows system where Parasolid is installed could abuse the weak permissions on the uninstall directory to run code with administrator-level privileges. The hosts at stake are typically engineering workstations used to design or configure systems that feed into industrial processes.
Who's at risk
This affects engineering and design teams that run Parasolid (Siemens' geometric modeling kernel, used by CAD/CAM applications) on Windows workstations for 3D modeling and manufacturing preparation. Parasolid is not usually a direct OT asset, but a compromised engineering workstation can be used to alter designs or to pivot into connected systems such as manufacturing execution systems (MES) or product lifecycle management (PLM) systems, which may in turn influence industrial processes.
How it could be exploited
An attacker holding a standard local user account on a Windows system where Parasolid is installed can write to the uninstall directory, because its access controls grant low-privileged principals more than read access. By injecting malicious code or replacing legitimate uninstaller components there, the attacker gets that code executed with elevated privileges when the uninstaller, or any other privileged process that trusts the directory, runs.
Prerequisites
- Local user account access on the Windows machine where Parasolid V35.0 or V35.1 is installed
- Parasolid installed using the official Parasolid installer (not portable/standalone)
Tags: local privilege escalation vector · installer-based vulnerability · affects engineering workstations
Exploitability: low exploit probability (EPSS 0.3%)
Affected products (2), both end of life

Product         | Affected versions | Fix status
Parasolid V35.1 | All versions      | No fix (EOL)
Parasolid V35.0 | All versions      | No fix (EOL)
Remediation & Mitigation
Schedule: requires a maintenance window. Patching may require a device reboot, so plan for process interruption.
Parasolid V35.0 and V35.1
HOTFIX: Uninstall Parasolid V35.0 or V35.1 using the built-in uninstaller. The uninstaller is the affected component, so run this step from an administrator session while no untrusted local user is logged on.
All products
HOTFIX: Reinstall Parasolid with the latest available installer (V36 or later).
Mitigations (no patch available)
The following products have reached end of life with no planned fix: Parasolid V35.1, Parasolid V35.0. Apply the following compensating controls:
HARDENING: Restrict local user account access to engineering workstations and apply the principle of least privilege. Verify that the uninstall directory grants standard users no more than read and execute access, and re-check after any reinstall, since an affected installer recreates the directory with its original permissions.
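The check that backs the hardening above, and that confirms whether the condition described under "How it could be exploited" is actually present on a host: an added PowerShell example, not code from Siemens, NSIS or this advisory. It audits one directory for Allow ACEs that give low-privilege principals (Everyone, Authenticated Users, BUILTIN\Users, INTERACTIVE, matched by well-known SID) write-like rights, including the GENERIC_* bits that the .NET enum cannot name, and with -Fix strips them. The default $Path is an assumption used as a placeholder; point it at the uninstall directory the Parasolid installer created on the host.

```powershell
<#
  Added example (not Siemens', NSIS' or this advisory's code).
  Audits one directory for the CWE-732 condition this page describes: an
  Allow ACE that gives a low-privilege principal write-like rights on a
  directory that a privileged uninstaller later trusts. With -Fix it strips
  those ACEs and leaves standard users with read/execute only.
  ASSUMPTION: the default $Path is a placeholder. Point it at the uninstall
  directory the Parasolid installer actually created on the host.
#>
[CmdletBinding()]
param(
    [string]$Path = "$env:ProgramFiles\Siemens\Parasolid",
    [switch]$Fix
)

# Principals that every local user account is a member of, keyed by
# well-known SID so localized account names do not matter.
$LowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Any of these rights lets a standard user plant, replace or delete files.
$R = [System.Security.AccessControl.FileSystemRights]
$WriteLike = $R::WriteData -bor $R::AppendData -bor $R::Delete -bor
             $R::DeleteSubdirectoriesAndFiles -bor $R::ChangePermissions -bor $R::TakeOwnership
# Generic rights are not named by the enum; they show up as raw high bits.
$GENERIC_WRITE = 0x40000000
$GENERIC_ALL   = 0x10000000

function Get-WeakAce {
    param([Parameter(Mandatory)][string]$Dir)
    $acl = Get-Acl -LiteralPath $Dir
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $sid = $ace.IdentityReference.Translate(
            [System.Security.Principal.SecurityIdentifier]).Value
        if (-not $LowPrivSids.ContainsKey($sid)) { continue }
        # Work on the raw mask: an ACE carrying GENERIC_* bits casts to a
        # negative Int32 the enum cannot name, and -band handles both forms.
        $mask = [int]$ace.FileSystemRights
        $weak = (($mask -band [int]$WriteLike) -ne 0) -or
                (($mask -band $GENERIC_WRITE) -ne 0) -or
                (($mask -band $GENERIC_ALL) -ne 0)
        if ($weak) {
            [pscustomobject]@{
                Path      = $Dir
                Principal = $LowPrivSids[$sid]
                Sid       = $sid
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

function New-Rule {
    param([System.Security.Principal.SecurityIdentifier]$Sid,
          [System.Security.AccessControl.FileSystemRights]$Rights)
    [System.Security.AccessControl.FileSystemAccessRule]::new(
        $Sid, $Rights,
        [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
}

function Repair-DirectoryAcl {
    param([Parameter(Mandatory)][string]$Dir)
    # Step 1: stop inheriting from the parent but keep the inherited ACEs as
    # explicit copies. Persist and re-read: inherited entries cannot be
    # removed until they have become explicit.
    $acl = Get-Acl -LiteralPath $Dir
    $acl.SetAccessRuleProtection($true, $true)
    Set-Acl -LiteralPath $Dir -AclObject $acl
    $acl = Get-Acl -LiteralPath $Dir
    # Step 2: drop every Allow ACE of a low-privilege principal that carries
    # write-like rights (RemoveAccessRuleAll matches identity and type, not
    # rights), then give BUILTIN\Users read/execute so the product still runs.
    foreach ($weak in @(Get-WeakAce -Dir $Dir)) {
        [void]$acl.RemoveAccessRuleAll((New-Rule -Sid $weak.Sid -Rights FullControl))
    }
    $acl.AddAccessRule((New-Rule -Sid 'S-1-5-32-545' -Rights ReadAndExecute))
    Set-Acl -LiteralPath $Dir -AclObject $acl
}

$findings = @(Get-WeakAce -Dir $Path)
if ($findings.Count -eq 0) {
    Write-Output "OK: no low-privilege write access on $Path"
    return
}
$findings | Format-Table Path, Principal, Rights, Inherited -AutoSize
if (-not $Fix) {
    Write-Warning "CWE-732 condition present on $Path. Re-run as Administrator with -Fix to remove it."
    return
}
Repair-DirectoryAcl -Dir $Path
if (@(Get-WeakAce -Dir $Path).Count -eq 0) {
    Write-Output "Hardened $Path: standard users now have read/execute only."
} else {
    Write-Error "Weak ACEs remain on $Path; check ownership and parent inheritance."
}
```

Run it once without -Fix from an elevated PowerShell to get the report, then with -Fix to apply the change. Two caveats: the script inspects only the directory itself, so extend it to walk the parent chain if the parent grants standard users DeleteSubdirectoriesAndFiles, which would let them replace the whole directory; and if the uninstall directory sits under a path standard users already own (a profile or temp location), tightening its ACL is not a meaningful control and only reinstalling with V36 or later resolves the issue.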