OTPulse
FeedAboutContact

Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation

Plan Patch7.8SSA-983548May 11, 2021
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Tecnomatix Plant Simulation V16.0 versions before 16.0.5 contain multiple buffer overflow and memory corruption vulnerabilities in the SPP file parser. Opening a malicious SPP file could crash the application or lead to arbitrary code execution and data extraction on the affected workstation.

What this means
What could happen
An attacker who tricks a user into opening a malicious SPP file in Tecnomatix Plant Simulation could crash the application, execute arbitrary code on the workstation, or extract sensitive data from the simulation environment.
Who's at risk
Plant simulation engineers and planners who use Siemens Tecnomatix Plant Simulation V16.0 to design and validate manufacturing processes. The vulnerability affects workstations running the affected versions, not control systems directly, but compromised workstations could be used to inject malicious process changes into production planning data.
How it could be exploited
An attacker crafts a malicious SPP (Siemens Plant Simulation) file and tricks an engineer or planner into opening it. The application parses the file without proper validation, triggering a buffer overflow or memory corruption vulnerability that crashes the program or allows code execution with the user's privileges.
Prerequisites
  • User account with access to Tecnomatix Plant Simulation
  • Affected version of Tecnomatix Plant Simulation installed (V16.0.x before V16.0.5)
  • User must open the malicious SPP file (social engineering or access to shared file repository)
Requires user interaction (file open)Low complexity attackHigh impact (code execution, data extraction)Default attack vector is local file handling
Exploitability
Low exploit probability (EPSS 0.9%)
Affected products (1)
ProductAffected VersionsFix Status
Tecnomatix Plant Simulation< V16.0.516.0.5
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Tecnomatix Plant Simulation to version 16.0.5 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/31f31935-6ef3-4ec8-879b-080293d36301
Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation | CVSS 7.8 - OTPulse