Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer before V2021.3.1

Plan Patch7.8SSA-161331Dec 14, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Simcenter STAR-CCM+ Viewer contains a vulnerability in the parsing of scene (.sce) files. A buffer overflow or similar memory corruption flaw (CWE-787) can be triggered if a user opens a malicious file. This could lead to application crash, arbitrary code execution, or data extraction on the host system. Siemens recommends updating to version 2021.3.1 or later and avoiding opening untrusted files from unknown sources.

What this means

What could happen

A user who opens a malicious scene file in STAR-CCM+ Viewer could experience a crash, or an attacker could execute arbitrary code on the workstation with the user's privileges, potentially compromising engineering data or plant models.

Who's at risk

Engineering and technical teams in manufacturing, automotive, aerospace, and energy sectors who use Simcenter STAR-CCM+ Viewer to analyze computational fluid dynamics (CFD) models and scene files are affected. This primarily impacts desktop workstations and engineering workstations where simulation data is reviewed.

How it could be exploited

An attacker sends or hosts a malicious .sce (scene) file and tricks an engineer or technician into opening it with STAR-CCM+ Viewer. When the file is parsed, a buffer overflow or similar memory corruption vulnerability is triggered, allowing code execution on the workstation.

Prerequisites

User must open a malicious .sce file with a vulnerable version of STAR-CCM+ Viewer
File must come from an untrusted or social-engineered source

Low EPSS (0.4%)User interaction requiredAffects engineering workstations and design data

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (1)

ProductAffected VersionsFix Status

Simcenter STAR-CCM+ Viewer< 2021.3.12021.3.1

Remediation & Mitigation

0/2

Do now

0/1

HARDENINGInstruct users to avoid opening scene (.sce) files from unknown or untrusted sources

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Simcenter STAR-CCM+ Viewer to version 2021.3.1 or later

CVEs (1)

CVE-2021-42024

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/c34e8ffb-eb6d-4802-99d8-5ea98ac02fb8