OTPulse
FeedAboutContact

Luxion KeyShot Vulnerability in Solid Edge

Monitor7.8SSA-572164Apr 11, 2023
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Solid Edge SE2023 includes a bundled version of the third-party KeyShot rendering engine (version 11) that contains an unpatched memory corruption vulnerability (CWE-119). This vulnerability could allow arbitrary code execution if a user opens a specially crafted file. Siemens does not plan to fix this in Solid Edge itself and instead recommends updating KeyShot independently to version V2023.1 or later, as documented in Luxion Security Advisory LSA-610622.

What this means
What could happen
A designer or engineer could be tricked into opening a malicious file that exploits a memory corruption flaw in the bundled KeyShot rendering engine, potentially allowing arbitrary code execution on their engineering workstation.
Who's at risk
Design engineers and CAD/CAM specialists using Solid Edge SE2023 for product design and visualization, particularly those who receive design files from external sources or untrusted collaborators.
How it could be exploited
An attacker sends a specially crafted file (likely a 3D model or project file) to a Solid Edge user. When the user opens it, KeyShot processes the file and the vulnerability in its rendering engine is triggered, allowing the attacker to execute commands with the privileges of the user opening the file.
Prerequisites
  • User must open a malicious file in Solid Edge SE2023
  • The file must be crafted to trigger the KeyShot vulnerability during rendering or processing
  • Local access to the engineer's workstation or ability to deliver the file via email or file share
Requires user interaction to open malicious fileAffects engineering workstations used for designNo patch available from Siemens—requires third-party updateLow exploit probability but actively tracked
Exploitability
Low exploit probability (EPSS 1.0%)
Affected products (1)
ProductAffected VersionsFix Status
Solid Edge SE2023All versionsNo fix yet
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate KeyShot to version V2023.1 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/22bf6d11-a28e-4213-b3d3-681c8bf24fda
Luxion KeyShot Vulnerability in Solid Edge | CVSS 7.8 - OTPulse