PRT File Parsing Vulnerability in NX Before V2406.3000
Plan Patch | 7.8 | SSA-357412 | Aug 13, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
NX before V2406.3000 contains an out-of-bounds read vulnerability when parsing PRT (print/drawing) files. A user who opens a malicious PRT file could experience an application crash or arbitrary code execution on their workstation. The vulnerability is triggered during file parsing, not through network access to the application.
What this means
What could happen
An attacker could craft a malicious PRT (print/design) file that, when opened by an engineer in NX, could crash the application or execute arbitrary code on the engineering workstation with the user's privileges.
Who's at risk
Manufacturing engineers and design teams using NX CAD software for design and modeling. This primarily affects engineering workstations used for product design and documentation rather than direct industrial control systems, but compromised workstations could be a lateral attack vector into production environments.
How it could be exploited
An attacker would create a malicious PRT file and trick an engineer into opening it within NX (via email, USB drive, or shared network folder). NX then parses the file, triggering an out-of-bounds read in memory that could allow code execution on the engineering workstation. This affects design workflows but not direct control of industrial equipment.
Prerequisites
- User must open a malicious PRT file in NX
- Affected NX version installed on engineering workstation
- User interaction required to open the file
- requires user interaction (social engineering)
- out-of-bounds read can lead to arbitrary code execution
- affects engineering infrastructure used in manufacturing
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product: NX
Affected Versions: <V2406.3000
Fix Status: 2406.3000
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update NX to version V2406.3000 or later
CVEs (1)