OTPulse
FeedAboutContact

File Parsing Vulnerability in Solid Edge

Plan Patch7.8SSA-382651Mar 12, 2024
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Solid Edge contains an out of bounds read vulnerability triggered when parsing files containing XT parts. Opening a malicious XT part file could allow an attacker to execute code in the context of the user running Solid Edge.

What this means
What could happen
An attacker could trick an engineer or CAD operator into opening a malicious design file, allowing the attacker to run code on the engineering workstation with that user's privileges. This could lead to theft of design data, modification of CAD models, or lateral movement into the plant network.
Who's at risk
Solid Edge is used by manufacturing and process engineering teams for CAD design and 3D modeling. This affects engineering workstations at utilities with generation, transmission, or distribution facilities that use Siemens design tools for equipment specification, control system design, or plant layout work.
How it could be exploited
An attacker sends a malicious Solid Edge file (.asm, .par, or other format) containing a specially crafted XT part to an engineer via email or file sharing. When the engineer opens the file in Solid Edge, the out of bounds read is triggered during file parsing, allowing the attacker to achieve code execution on the workstation.
Prerequisites
  • User must open a malicious file in Solid Edge
  • File must contain a crafted XT part structure
  • Engineer or design user must have Solid Edge installed and in use
Requires user interaction to exploitAffects engineering workstations which often have access to sensitive plant dataNo patch available yet for some deployments (end-of-support versions)Could enable lateral movement into operational networks
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Solid Edge SE2023All versions < V223.0 Update 11223.0 Update 11
Solid Edge SE2024All versions < V224.0 Update 3224.0 Update 3
Remediation & Mitigation
0/3
Do now
0/1
HARDENINGEducate engineering and design staff not to open files from untrusted sources, especially design files received via email or external file sharing
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

Solid Edge SE2023
HOTFIXUpdate Solid Edge SE2023 to version 223.0 Update 11 or later
Solid Edge SE2024
HOTFIXUpdate Solid Edge SE2024 to version 224.0 Update 3 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/ce07acf6-bba2-4bff-b85e-bb1d53177271
File Parsing Vulnerability in Solid Edge | CVSS 7.8 - OTPulse