XT File Parsing Vulnerability in Parasolid
Plan Patch | 7.8 | SSA-797296 | Feb 13, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Parasolid is affected by out-of-bounds read and null pointer dereference vulnerabilities that could be triggered when the application reads files in XT format. If a user opens a malicious XT file with affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.
What this means
What could happen
If an engineer or operator opens a malicious XT file in Parasolid, an attacker could execute arbitrary code on their workstation, potentially gaining access to sensitive design files, network credentials, or downstream engineering systems connected to the network.
Who's at risk
Mechanical engineers, CAD operators, and design teams using Parasolid for 3D modeling, simulation, or product design. This affects any organization that uses Parasolid across versions V35.0, V35.1, or V36.0 for computer-aided design, manufacturing planning, or product visualization workflows.
How it could be exploited
An attacker crafts a malicious XT (Parasolid native format) file and tricks an engineer or operator into opening it via email, shared folder, or file repository. When the file is opened in an affected version of Parasolid, the out-of-bounds read or null pointer dereference is triggered, allowing code execution in the user's context.
Prerequisites
- User interaction required: engineer or operator must open a malicious XT file
- Affected version of Parasolid must be installed on the workstation
- File must be in XT format
user interaction required; high code execution impact; low complexity attack; affects engineering workstations with potential access to design data and network credentials
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (5)
5 with fix
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| Parasolid V35.0 | <V35.0.263 | 35.0.263 |
| Parasolid V35.0 | <V35.0.251 | 35.0.251 |
| Parasolid V35.1 | <V35.1.252 | 35.1.252 |
| Parasolid V35.1 | <V35.1.170 | 35.1.170 |
| Parasolid V36.0 | <V36.0.198 | 36.0.198 |
Remediation & Mitigation
Do now
- HARDENING: Restrict file sharing and email attachments containing XT files to trusted internal sources only
- HARDENING: Educate users not to open XT files from untrusted sources or unexpected senders
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Parasolid V35.0
- HOTFIX: Update Parasolid V35.0 to version 35.0.263 or later
- HOTFIX: Update Parasolid V35.0 to version 35.0.251 or later
Parasolid V35.1
- HOTFIX: Update Parasolid V35.1 to version 35.1.252 or later
- HOTFIX: Update Parasolid V35.1 to version 35.1.170 or later
Parasolid V36.0
- HOTFIX: Update Parasolid V36.0 to version 36.0.198 or later
CVEs (2)