Multiple File Parsing Vulnerabilities in Solid Edge

Plan Patch7.8SSA-715184Mar 9, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens Solid Edge contains multiple file parsing vulnerabilities in PAR, DFT, and XML file format handling. When a user opens a malicious file in a vulnerable version of Solid Edge, the application can crash or execute arbitrary code with the user's privileges. The vulnerabilities stem from buffer overflows (CWE-787) and improper XML entity handling (CWE-611), which could allow attackers to extract data or run commands on the engineering workstation.

What this means

What could happen

An attacker can craft a malicious design file (PAR, DFT, or XML) that, when opened in Solid Edge, causes the application to crash or execute arbitrary code on the engineering workstation. This could disrupt CAD/design operations or allow theft of design intellectual property.

Who's at risk

Organizations that use Siemens Solid Edge for mechanical design and CAD work should be concerned. This affects engineering and design teams who work with external or third-party design files. The risk is highest for teams that frequently receive design files from suppliers, contractors, or other external sources.

How it could be exploited

An attacker sends or hosts a malicious Solid Edge design file (PAR, DFT, or XML format). An engineer or designer opens the file in a vulnerable version of Solid Edge. The application parses the malformed file and triggers a buffer overflow or XML entity expansion flaw, leading to crash or code execution with the user's privileges.

Prerequisites

User must open a malicious file with Solid Edge application
File must be in PAR, DFT, or XML format
Vulnerable version of Solid Edge must be installed

Low complexity exploitationUser interaction requiredaffects engineering workstations and intellectual propertymultiple file format vectors (PAR, DFT, XML)

Exploitability

Low exploit probability (EPSS 0.5%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

Solid Edge SE2020All Versions < SE2020MP13SE2020MP13 or later

Solid Edge SE2021All Versions < SE2021MP3SE2021MP4 or later

Solid Edge SE2021SE2021MP3SE2021MP4 or later

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDInstruct users to avoid opening untrusted design files from unknown sources, especially PAR, DFT, and XML files

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

Solid Edge SE2020

HOTFIXUpdate Solid Edge SE2020 to SE2020MP13 or later

Solid Edge SE2021

HOTFIXUpdate Solid Edge SE2021 to SE2021MP4 or later

Long-term hardening

0/1

HARDENINGImplement file type restrictions or review controls on CAD workstations to limit which users can open external design files

CVEs (4)

CVE-2020-28385 CVE-2020-28387 CVE-2021-27380 CVE-2021-27381

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/3de5b07f-62ae-4c03-b388-f5ef8b4daaf9