OTPulse

Information Disclosure Vulnerability in Simcenter STAR-CCM+

Monitor | 5.3 | SSA-555707 | Aug 9, 2022
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Simcenter STAR-CCM+ contains an information disclosure vulnerability when using the Power-on-Demand public license server. An attacker without authentication could access a system's host, user, and display name from the licensing service. Siemens is preparing updates and recommends network access controls as compensating measures.

What this means
What could happen
An attacker could learn system hostnames, usernames, and display names from Simcenter STAR-CCM+ installations that use the public Power-on-Demand license server, enabling reconnaissance for follow-up attacks on engineering workstations or the computational environment.
Who's at risk
Organizations in the energy sector using Siemens Simcenter STAR-CCM+ for computational fluid dynamics (CFD) simulations should care about this vulnerability, particularly those operating the Power-on-Demand public licensing service on systems accessible from untrusted networks.
How it could be exploited
An attacker with network access to the Power-on-Demand public license server can query the licensing service to harvest host, user, and display name information from connected STAR-CCM+ clients without authentication. This reconnaissance data could be used to identify engineering systems or workstations running the software for targeting in subsequent attacks.
Prerequisites
  • Network access to the Power-on-Demand public license server
  • STAR-CCM+ configured to use the public Power-on-Demand licensing service
Remotely exploitable | No authentication required | Low complexity | No patch available | Information disclosure enables reconnaissance
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
Simcenter STAR-CCM+ | All versions only if the Power-on-Demand public license server is used | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Restrict network access to the Power-on-Demand public license server using firewall rules or access control lists; only allow connections from authorized engineering networks or workstations
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Monitor the vendor (Siemens) for firmware or software updates and apply them when they become available
Mitigations - no patch available
Simcenter STAR-CCM+ has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Isolate the license server and STAR-CCM+ client systems in a protected network segment with limited external connectivity