OTPulse
FeedAboutContact

Memory Corruption Vulnerability in Simcenter Femap

Plan Patch7.8SSA-920092Mar 13, 2025
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Simcenter Femap contains a memory corruption vulnerability triggered when reading malicious .NEU format files. Opening a specially crafted file could allow an attacker to leak sensitive information from the application's memory or execute code in the context of the user's process. The vulnerability affects Femap V2401 versions before 2401.0003 and V2406 versions before 2406.0002. Siemens has released patched versions addressing this issue.

What this means
What could happen
A user who opens a malicious .NEU design file in Simcenter Femap could allow an attacker to read sensitive data from the engineering workstation's memory or execute arbitrary commands with the user's privileges, potentially compromising design data or the workstation itself.
Who's at risk
Engineering teams and design departments using Simcenter Femap for FEA (finite element analysis) and CAD modeling. This affects anyone who receives .NEU design files from external sources or collaborators, including product design, mechanical engineering, and simulation roles in manufacturing, automotive, and industrial equipment companies.
How it could be exploited
An attacker creates a malicious .NEU file (Femap native format) and tricks a design engineer into opening it. When Femap parses the file, a memory corruption flaw is triggered, allowing the attacker to leak memory contents or execute code within the Femap process on the engineer's workstation.
Prerequisites
  • User must open a malicious .NEU file in Simcenter Femap
  • Attacker must convince user to open the file (social engineering)
  • Vulnerable version of Femap must be installed (V2401 before 0003, or V2406 before 0002)
low complexity exploitationuser interaction required (file opening)affects design/engineering workstationscould lead to information disclosure or code execution
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Simcenter Femap V2401< V2401.00032401.0003
Simcenter Femap V2406< V2406.00022406.0002
Remediation & Mitigation
0/3
Do now
0/1
WORKAROUNDInstruct users not to open .NEU files from untrusted sources until patched
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

Simcenter Femap V2401
HOTFIXUpdate Simcenter Femap V2401 to version 2401.0003 or later
Simcenter Femap V2406
HOTFIXUpdate Simcenter Femap V2406 to version 2406.0002 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/9179f497-b727-4f17-939b-c04ca9c4833a
Memory Corruption Vulnerability in Simcenter Femap | CVSS 7.8 - OTPulse