SSA-243317 File Parsing Vulnerability in Simcenter Femap and Parasolid
Plan Patch | 7.8 | SSA-243317 | Jul 12, 2022
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Parasolid and Simcenter Femap contain an out-of-bounds read vulnerability in their NEU file format parser. When a user opens a specially crafted NEU file, the vulnerability can be exploited to achieve remote code execution with the privileges of the user running the application. The vulnerability is triggered during file parsing and does not require special configurations or elevated privileges.
What this means
What could happen
An attacker who crafts a malicious NEU format file and tricks an engineer into opening it could execute arbitrary code with the privileges of the engineer's workstation, potentially compromising the engineering design system and any connected plant networks.
Who's at risk
Engineering teams and CAD/design staff who use Parasolid or Simcenter Femap for finite element analysis, product design, or manufacturing process modeling. This affects design workstations in manufacturing, automotive, aerospace, and industrial equipment development environments.
How it could be exploited
An attacker creates a malicious file in NEU format (Parasolid's native file format) and delivers it via email or file sharing. When an engineer opens the file in Parasolid or Simcenter Femap, the out-of-bounds read vulnerability is triggered during file parsing, allowing the attacker to run code on the engineering workstation.
Prerequisites
- User interaction required: engineer must open a malicious NEU file
- Affected version of Parasolid or Simcenter Femap installed on engineering workstation
- Access to deliver a file to the target user (email, file share, USB, etc.)
- User interaction required to trigger
- Affects engineering design workstations with potential access to plant networks
- File parsing vulnerability in widely-used CAD/simulation software
- CWE-125 out-of-bounds read can lead to code execution
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (5)
5 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| Parasolid V33.1 | < V33.1.264 | 33.1.264 |
| Parasolid V34.0 | < V34.0.250 | 34.0.250 |
| Parasolid V34.1 | < V34.1.233 | 34.1.233 |
| Simcenter Femap V2022.1 | < V2022.1.3 | 2022.1.3 |
| Simcenter Femap V2022.2 | < V2022.2.2 | 2022.2.2 |
Remediation & Mitigation
Do now
- HARDENING: Educate users not to open NEU files from untrusted sources
- HARDENING: Restrict NEU file execution in email gateways and implement file-type filtering on engineering workstations
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Parasolid V33.1
HOTFIX: Update Parasolid V33.1 to version 33.1.264 or later
Parasolid V34.0
HOTFIX: Update Parasolid V34.0 to version 34.0.250 or later
Parasolid V34.1
HOTFIX: Update Parasolid V34.1 to version 34.1.233 or later
Simcenter Femap V2022.1
HOTFIX: Update Simcenter Femap V2022.1 to version 2022.1.3 or later
Simcenter Femap V2022.2
HOTFIX: Update Simcenter Femap V2022.2 to version 2022.2.2 or later
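To find the workstations that still need one of these updates, the fixed versions can be checked against a software inventory. The script below is an added example, not part of the advisory or any vendor tooling; it assumes a `host,product,version` inventory format and dotted version strings as written in the advisory, and the sample hostnames and installed versions are constructed.

```python
import re

# Fixed version per release line, taken from the advisory's affected-products table.
FIXED = {
    ("Parasolid", (33, 1)): (33, 1, 264),
    ("Parasolid", (34, 0)): (34, 0, 250),
    ("Parasolid", (34, 1)): (34, 1, 233),
    ("Simcenter Femap", (2022, 1)): (2022, 1, 3),
    ("Simcenter Femap", (2022, 2)): (2022, 2, 2),
}

def parse_version(text):
    """Turn 'V34.0.249' or '2022.1.3' into a tuple of ints; None if unparseable."""
    m = re.fullmatch(r"\s*[Vv]?(\d+(?:\.\d+)*)\s*", text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def assess(product, version_text):
    """Return 'vulnerable', 'fixed', or 'unknown' (unparseable, or a release
    line the advisory does not list, about which it makes no statement)."""
    version = parse_version(version_text)
    if version is None or len(version) < 2:
        return "unknown"
    fixed = FIXED.get((product.strip(), version[:2]))
    if fixed is None:
        return "unknown"
    # Pad so that '34.1' compares as 34.1.0, i.e. older than any fix build.
    padded = version + (0,) * (3 - len(version))
    return "vulnerable" if padded < fixed else "fixed"

def triage(inventory_lines):
    """Parse 'host,product,version' lines; return the entries below the fix."""
    todo = []
    for line in inventory_lines:
        host, product, version = (f.strip() for f in line.split(",", 2))
        if assess(product, version) == "vulnerable":
            todo.append((host, product, version))
    return todo

# Constructed sample inventory (hostnames and installed versions are made up).
SAMPLE = [
    "eng-ws-01,Parasolid,V33.1.263",
    "eng-ws-02,Parasolid,34.0.250",
    "eng-ws-03,Simcenter Femap,2022.1.2",
    "eng-ws-04,Simcenter Femap,V2022.2.2",
    "eng-ws-05,Parasolid,V35.0.100",
]

if __name__ == "__main__":
    for host, product, version in triage(SAMPLE):
        print(f"{host}: {product} {version} is below the fixed version")
```

Entries reported as `unknown` need a manual check against the vendor advisory, since this page only covers the five release lines in the table.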
CVEs (1)
API:
/api/v1/advisories/aa8c979c-53de-4c88-bdb2-8a2115d06690