OTPulse

Vulnerabilities in Teamcenter

Plan Patch · CVSS 7.8 · SSA-789162 · May 10, 2022
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Teamcenter is affected by two vulnerabilities: XML External Entity Injection (XXE, CVE-2022-29801) in versions before V13.1, and a stack-based buffer overflow (CVE-2024-24290) in all affected versions. The XXE vulnerability allows reading arbitrary files from the server when a user processes a malicious XML file. The stack buffer overflow can enable arbitrary code execution on the Teamcenter server or client. Siemens has released patched versions for all affected product lines.

What this means
What could happen
A local attacker with user interaction could execute arbitrary code or read sensitive files from the Teamcenter server. The stack buffer overflow could allow code execution on the engineering workstation running Teamcenter.
Who's at risk
Manufacturing and engineering organizations using Siemens Teamcenter for product lifecycle management (PLM), particularly those running versions V12.4 through V14.0. This affects engineering workstations and Teamcenter servers where design data, CAD files, and product information are managed.
How it could be exploited
An attacker could craft a malicious XML file and trick a user into opening it in Teamcenter (requires user interaction), triggering the XXE vulnerability to read files from the server or execute code via the stack buffer overflow. The attacker needs local or network access to the Teamcenter client or server, plus social engineering to deliver the payload.
Prerequisites
  • Local or network access to Teamcenter client or server
  • User interaction required: victim must open malicious XML file or process malicious input
  • Vulnerable version of Teamcenter (V13.1 and earlier for XXE, all listed versions for stack overflow)
Local exploitation required · User interaction required · Stack buffer overflow allows arbitrary code execution · XML External Entity Injection enables file disclosure · Affects engineering data integrity and confidentiality
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (6)
6 with fix
Product | Affected Versions | Fix Status
Teamcenter V12.4 | < V12.4.0.13 | 12.4.0.13
Teamcenter V13.0 | < V13.0.0.9 | 13.0.0.9
Teamcenter V13.1 | All versions | 13.1.0.9
Teamcenter V13.2 | < V13.2.0.8 | 13.2.0.8
Teamcenter V13.3 | < V13.3.0.3 | 13.3.0.3
Teamcenter V14.0 | < V14.0.0.2 | 14.0.0.2
Remediation & Mitigation
Do now
WORKAROUND: Disable XML external entity processing in Teamcenter if possible until patched
HARDENING: Restrict file uploads and restrict which users can import XML files into Teamcenter
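As an added example supporting the two items above (not code from Siemens or OTPulse), a pre-import screen can reject any XML file that carries a DOCTYPE before it is handed to a user for import. The function name `screen_xml` and both sample documents are constructed for illustration, and the check assumes legitimate import files in your environment never need a DTD.

```python
import xml.parsers.expat

# Constructed sample inputs (not taken from the advisory).
BENIGN = b'<?xml version="1.0"?><part id="P-100"><name>bracket</name></part>'
WITH_DTD = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE part [<!ENTITY ref SYSTEM "placeholder://not-a-real-path">]>'
            b'<part>&ref;</part>')


class DtdFound(Exception):
    """Raised from the expat handler to abort parsing at a DOCTYPE."""


def screen_xml(data: bytes) -> tuple[bool, str]:
    """Hypothetical pre-import check: accept only well-formed XML with no DOCTYPE."""
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # Entities can only be declared inside a DTD, so rejecting every
        # DOCTYPE also rejects every external entity declaration.
        raise DtdFound(f"DOCTYPE '{name}' declared")

    parser.StartDoctypeDeclHandler = on_doctype
    try:
        parser.Parse(data, True)  # exception from the handler propagates out
    except DtdFound as exc:
        return False, str(exc)
    except xml.parsers.expat.ExpatError as exc:
        # Malformed input and references to undeclared entities land here.
        return False, f"not well-formed: {exc}"
    return True, "no DOCTYPE present"


if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("with_dtd", WITH_DTD)):
        print(label, screen_xml(doc))
```

Rejected files can be quarantined and logged with the submitting user, which also gives visibility into who is attempting XML imports.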
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Teamcenter V12.4
HOTFIX: Update Teamcenter V12.4 to version 12.4.0.13 or later
Teamcenter V13.0
HOTFIX: Update Teamcenter V13.0 to version 13.0.0.9 or later
Teamcenter V13.1
HOTFIX: Update Teamcenter V13.1 to version 13.1.0.9 or later
Teamcenter V13.2
HOTFIX: Update Teamcenter V13.2 to version 13.2.0.8 or later
Teamcenter V13.3
HOTFIX: Update Teamcenter V13.3 to version 13.3.0.3 or later
Teamcenter V14.0
HOTFIX: Update Teamcenter V14.0 to version 14.0.0.2 or later
Vulnerabilities in Teamcenter | CVSS 7.8 - OTPulse