SSA-518824 Multiple File Parsing Vulnerabilities in Simcenter Femap and Parasolid
Plan Patch7.8SSA-518824Sep 13, 2022
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
Simcenter Femap and Parasolid are affected by multiple file parsing vulnerabilities in X_T file format handling. When a user opens a malicious X_T file with an affected application, buffer overflow and memory corruption flaws (CWE-125, CWE-787, CWE-824) can be triggered, leading to remote code execution in the context of the application process. Siemens has released patched versions for all affected product lines.
What this means
What could happen
An attacker could execute arbitrary code on an engineering workstation by tricking a user into opening a malicious X_T format file (CAD/modeling file), compromising the workstation and potentially gaining access to design data or downstream engineering systems.
Who's at risk
Engineering and design teams using Simcenter Femap or Parasolid-based CAD applications on Windows workstations. This affects mechanical engineers, designers, and anyone who opens X_T format CAD files as part of their workflow. The risk is higher in environments where design files are shared via email, external collaborators, or cloud storage.
How it could be exploited
An attacker sends a user a malicious X_T file (Parasolid CAD format) via email or file share. When the user opens the file in Simcenter Femap or another Parasolid-based application, the file parser processes the crafted file content and triggers a buffer overflow or memory corruption bug (CWE-125, CWE-787, CWE-824), allowing code execution in the application's context.
Prerequisites
- User interaction required: target user must open the malicious X_T file with an affected version of Femap or Parasolid
- X_T file format support enabled (default configuration)
- No elevated privileges or special configuration needed
User interaction required (social engineering vector)File format parsing vulnerabilityAffects engineering workstations with design data accessLow EPSS score but affects engineering assets
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (8)
8 with fix
ProductAffected VersionsFix Status
Parasolid V33.1< V33.1.26233.1.262
Parasolid V33.1≥ V33.1.262 < V33.1.26333.1.263
Parasolid V34.0< V34.0.25234.0.252
Parasolid V34.1< V34.1.24234.1.242
Parasolid V35.0< V35.0.16135.0.161
Parasolid V35.0≥ V35.0.161 < V35.0.16435.0.164
Simcenter Femap V2022.1< V2022.1.32022.1.3
Simcenter Femap V2022.2< V2022.2.22022.2.2
Remediation & Mitigation
0/9
Schedule — requires maintenance window
0/7Patching may require device reboot — plan for process interruption
Parasolid V33.1
HOTFIXUpdate Parasolid V33.1 to version 33.1.262 or later
HOTFIXUpdate Parasolid V33.1 to version 33.1.263 if running 33.1.262
Parasolid V34.0
HOTFIXUpdate Parasolid V34.0 to version 34.0.252 or later
Parasolid V34.1
HOTFIXUpdate Parasolid V34.1 to version 34.1.242 or later
Parasolid V35.0
HOTFIXUpdate Parasolid V35.0 to version 35.0.161 or later (or 35.0.164 if already on 35.0.161)
Simcenter Femap V2022.1
HOTFIXUpdate Simcenter Femap V2022.1 to version 2022.1.3 or later
Simcenter Femap V2022.2
HOTFIXUpdate Simcenter Femap V2022.2 to version 2022.2.2 or later
Long-term hardening
0/2HARDENINGEstablish file origin verification and user awareness training for handling CAD files from untrusted sources
HARDENINGRestrict X_T file opening to trusted file sources and implement email attachment filtering for CAD file formats
CVEs (20)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/5dd28452-b9c4-4a6e-b380-3db3295129ac