Multiple File Parsing Vulnerabilities in Solid Edge
Plan Patch · 7.8 · SSA-932528 · May 9, 2023
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Solid Edge SE2023 contains multiple memory corruption vulnerabilities in file parsing for DWG, IFC, OBJ, and STP formats. When a user opens a specially crafted file in one of these formats, the application may crash or execute arbitrary code. The vulnerabilities are buffer overflow and use-after-free conditions triggered during file parsing.
What this means
What could happen
An attacker could crash Solid Edge or run arbitrary code by tricking an engineer into opening a malicious CAD file. This affects anyone using Solid Edge for design work, but does not directly impact running industrial equipment.
Who's at risk
Design engineers and technical staff who use Siemens Solid Edge SE2023 for CAD modeling and mechanical design work. This affects the engineering workstation environment rather than operational control systems directly.
How it could be exploited
An attacker crafts a malicious CAD file (DWG, IFC, OBJ, or STP format) and sends it to an engineer via email or file share. When the engineer opens the file in Solid Edge, the memory corruption is triggered, allowing the attacker to execute code on the engineering workstation with the privileges of the user running Solid Edge.
Prerequisites
- A user with Solid Edge installed must be tricked into opening a malicious CAD file
- File must be in a supported format: DWG, IFC, OBJ, or STP
User interaction required (file must be opened) · Low complexity attack · Affects engineering design tools · Memory corruption vulnerabilities (CWE-476, CWE-125, CWE-119, CWE-416)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 with fix
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| Solid Edge SE2023 | < V223.0 Update 2 | 223.0 Update 2 |
| Solid Edge SE2023 | < V223.0 Update 3 | 223.0 Update 3 |
Remediation & Mitigation
Do now
HARDENING: Train engineering staff to avoid opening CAD files from untrusted sources, and verify file origin before opening
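An added example (not from the advisory or from Siemens) supporting the hardening step above: it identifies files in the four affected formats by content rather than by extension, so they can be held until their origin is verified. The signatures used, the reading of OBJ as Wavefront OBJ, and the names `classify_cad` and `triage` are assumptions of this example.

```python
import os
import re

# Current DWG drawings start with "AC" plus four version digits, e.g. AC1032.
DWG_MAGIC = re.compile(rb"AC\d{4}")
# STP and IFC (STEP physical file) both open with the ISO 10303-21 header.
STEP_MAGIC = b"ISO-10303-21;"
# The header's FILE_SCHEMA entry names the schema; IFC schema names start "IFC".
IFC_SCHEMA = re.compile(rb"FILE_SCHEMA\s*\(\s*\(\s*'IFC", re.IGNORECASE)
# Assumption: "OBJ" is Wavefront OBJ; look for a vertex record with 3 numbers.
OBJ_VERTEX = re.compile(rb"^v(\s+[-+]?[\d.]+(e[-+]?\d+)?){3}", re.M | re.I)
CAD_EXT = {"DWG": {".dwg"}, "IFC": {".ifc"}, "STP": {".stp", ".step"}, "OBJ": {".obj"}}


def classify_cad(head):
    """Identify an affected format from a file's leading bytes, else None."""
    if DWG_MAGIC.match(head):
        return "DWG"
    if head.lstrip().startswith(STEP_MAGIC):
        return "IFC" if IFC_SCHEMA.search(head) else "STP"
    return "OBJ" if OBJ_VERTEX.search(head) else None


def triage(name, head):
    """Decide whether a file is held for origin verification before opening."""
    fmt = classify_cad(head)
    ext = os.path.splitext(name)[1].lower()
    if fmt is None:
        # Claims a CAD extension but content is unrecognised: still hold it.
        claimed = any(ext in exts for exts in CAD_EXT.values())
        return "hold:unverified" if claimed else "pass"
    return f"hold:{fmt}" if ext in CAD_EXT[fmt] else f"hold:{fmt}:extension-mismatch"


# Constructed sample inputs (file name, first bytes); not real files.
SAMPLES = [
    ("bracket.dwg", b"AC1032\x00\x00\x00\x00"),
    ("notes.txt", b"ISO-10303-21;\nHEADER;\nFILE_SCHEMA(('IFC4'));\n"),
    ("gear.stp", b"ISO-10303-21;\nHEADER;\nFILE_SCHEMA(('AUTOMOTIVE_DESIGN'));\n"),
    ("mesh.obj", b"# constructed\nv 0.0 1.0 -2.5\nv 1 0 0\nf 1 2 3\n"),
    ("part.dwg", b"\x00\x01garbage"),
    ("readme.txt", b"plain text, nothing to hold\n"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name:12} {triage(name, head)}")
```

The OBJ check is a heuristic on text content and only the STEP physical file encoding of IFC is recognised, so treat a `pass` result as "not identified", not as "safe".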
Schedule — requires maintenance window
Patching may require device reboot; plan for process interruption
Solid Edge SE2023
HOTFIX: Update Solid Edge SE2023 to V223.0 Update 2 or later
HOTFIX: Update Solid Edge SE2023 to V223.0 Update 3 or later