DFT File Parsing Vulnerabilities in Solid Edge

Plan Patch7.8SSA-208356Jun 8, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens Solid Edge contains two vulnerabilities in the DFT file parser. When a user opens a malicious DFT file, the application could crash or allow arbitrary code execution on the host system. Affected: SE2020 (all versions before MP14) and SE2021 (all versions before MP5). SE2021MP5 has no fix available from the vendor.

What this means

What could happen

If an operator or engineer opens a malicious DFT file in Solid Edge, an attacker could crash the application, disrupt design work, or potentially execute arbitrary code on the engineering workstation.

Who's at risk

This affects engineering teams, CAD/design departments, and product development teams using Siemens Solid Edge for mechanical design and modeling. Anyone on the design staff who opens DFT files is at risk.

How it could be exploited

An attacker crafts a malicious DFT file and sends it to an employee (via email, file share, or USB). When the user opens the file in Solid Edge, the DFT parser reads the malformed data, triggering a buffer overflow or similar memory corruption. This could crash the application or allow the attacker to run code with the privileges of the user opening the file.

Prerequisites

User must open a malicious DFT file in Solid Edge
User must have Solid Edge SE2020 (before MP14) or SE2021 (before MP5) installed

Low complexity exploitRequires user interaction (opening file)No authentication requiredPotential for arbitrary code execution on engineering workstation

Exploitability

Low exploit probability (EPSS 0.8%)

Affected products (2)

1 with fix1 EOL

ProductAffected VersionsFix Status

Solid Edge SE2020All Versions < 2020MP142020MP14

Solid Edge SE2021All Versions < SE2021MP5No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDDisable or restrict the ability to open DFT files from untrusted sources until patched

HARDENINGTrain users not to open DFT files from unknown or unexpected sources

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

Solid Edge SE2020

HOTFIXUpdate Solid Edge SE2020 to MP14 or later

Solid Edge SE2021

HOTFIXUpdate Solid Edge SE2021 to MP5 or later

CVEs (2)

CVE-2021-31342 CVE-2021-31343

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/f0e689ea-d1eb-49b7-b8fe-6e9ffbd9e460