OTPulse
FeedAboutContact

File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2

Plan Patch7.8SSA-998762Apr 12, 2022
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

Simcenter Femap versions before V2022.1.2 contain file parsing vulnerabilities (CWE-125: out-of-bounds read, CWE-787: out-of-bounds write) in the .NEU file format reader. If an attacker can trick a user into opening a malicious .NEU file, the vulnerability could allow information disclosure or remote code execution in the context of the Femap process.

What this means
What could happen
If a user opens a malicious .NEU file in Simcenter Femap, an attacker could read sensitive design or simulation data from the engineer's workstation, or potentially execute code with the privileges of the CAD/analysis application, compromising the integrity of engineering projects.
Who's at risk
Engineering and design teams who use Siemens Simcenter Femap for finite element analysis (FEA), particularly those who exchange .NEU model files with external collaborators, contractors, or download models from untrusted repositories.
How it could be exploited
An attacker crafts a malicious .NEU (Femap neutral format) file and tricks an engineer to open it in a vulnerable version of Simcenter Femap. The file parser contains a buffer overflow or out-of-bounds read (CWE-125, CWE-787) that allows the attacker to either extract sensitive design data or inject code that runs in the context of the Femap process.
Prerequisites
  • User must open a malicious .NEU file in Simcenter Femap
  • Vulnerable version (< V2022.1.2) must be installed
User interaction required (user must open malicious file)Local exploitation onlyHigh complexity of crafting malicious fileLow EPSS score (0.6%)Patch available
Exploitability
Low exploit probability (EPSS 0.6%)
Affected products (1)
ProductAffected VersionsFix Status
Simcenter Femap< V2022.1.22022.1.2
Remediation & Mitigation
0/2
Do now
0/1
WORKAROUNDDo not open .NEU files from untrusted or unknown sources; verify file origin before opening in Femap
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Simcenter Femap to version V2022.1.2 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/d25d049a-130d-40c4-9221-b9557c4f4ef6
File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2 | CVSS 7.8 - OTPulse