OTPulse
FeedAboutContact

Modfem File Parsing Vulnerability in Simcenter Femap before V2021.2

Low Risk3.3SSA-997732Sep 14, 2021
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Simcenter Femap contains a file parsing vulnerability in the modfem file handler. When a user opens a malicious .modfem file, the application may leak sensitive information from the process memory. The vulnerability exists in Femap V2020.2 and V2021.1. Siemens has released a fix in version 2021.2.

What this means
What could happen
An attacker could trick an engineer into opening a malicious .modfem file, causing the Femap application to leak sensitive information (such as memory contents or file paths) in the context of the user's session.
Who's at risk
Engineering teams using Simcenter Femap for finite element analysis and design work. This primarily affects design engineers and analysts who work with .modfem files for structural, thermal, or fluid analysis models.
How it could be exploited
The attacker creates a malicious .modfem file and socially engineers an engineer to open it in Simcenter Femap. When the application parses the file, the vulnerability is triggered, allowing the attacker to read memory or extract information from the process.
Prerequisites
  • User must open a malicious .modfem file
  • The file must be opened in a vulnerable version of Simcenter Femap
  • No special credentials or elevated privileges are required
Low complexity attackRequires user interaction (file opening)Low CVSS score (3.3)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Simcenter Femap V2020.2All versions2021.2
Simcenter Femap V2021.1All versions2021.2
Remediation & Mitigation
0/2
Do now
0/1
HARDENINGEducate users not to open .modfem files from untrusted or unknown sources
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Simcenter Femap to version 2021.2 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/9e108e95-734a-4fc7-b37f-d0a67d2339e7