Full Report
Siemens JT2Go, Teamcenter Visualization and Solid Edge are affected by multiple file parsing vulnerabilities. If a user is tricked into opening a malicious file (crafted in the ASM or TIFF file format) with any of the affected products, the application could crash or the file could potentially lead to arbitrary code execution. Siemens has released updates for the affected products and recommends updating to the latest versions.
Analysis Summary
# Vulnerability: File Parsing Flaws in Siemens CAD and Visualization Software
## CVE Details
- **CVE ID:** CVE-2023-28830, CVE-2023-38682, CVE-2023-38683
- **CVSS Score:** 7.8 (High)
- **CWE:**
  - CWE-416: Use After Free (CVE-2023-28830)
  - CWE-125: Out-of-bounds Read (CVE-2023-38682)
  - CWE-787: Out-of-bounds Write (CVE-2023-38683)
## Affected Systems
- **Products:**
  - JT2Go
  - Solid Edge (SE2022, SE2023)
  - Teamcenter Visualization (V13.2, V13.3, V14.1, V14.2)
- **Versions:**
  - **JT2Go:** All versions < V14.2.0.5
  - **Solid Edge SE2022:** All versions < V222.0 Update 13
  - **Solid Edge SE2023:** All versions < V223.0 Update 4
  - **Teamcenter Visualization:** Various versions across V13.x and V14.x (see Remediation for the fixed version of each release line)
- **Configurations:** Systems where users open untrusted files in the ASM or TIFF formats.
## Vulnerability Description
The affected applications suffer from memory corruption vulnerabilities during the parsing of specific file formats.
- **CVE-2023-28830:** A Use-After-Free flaw triggered while parsing maliciously crafted **ASM** files.
- **CVE-2023-38682 & CVE-2023-38683:** Out-of-bounds read and write vulnerabilities triggered while parsing specially crafted **TIFF** files.
These flaws occur because the software does not properly validate the structure or memory boundaries of the input files, leading to memory corruption.
## Exploitation
- **Status:** PoC Available (Exploit Code Maturity is listed as "Functional/Proven" in CVSS vectors).
- **Complexity:** Low
- **Attack Vector:** Local (Requires User Interaction: A user must be tricked into opening a malicious file).
## Impact
- **Confidentiality:** High (Potential for information disclosure or context-level access).
- **Integrity:** High (Potential for arbitrary code execution).
- **Availability:** High (Application crash or system instability).
## Remediation
### Patches
Siemens recommends updating to the following versions or later:
- **JT2Go:** V14.2.0.5
- **Solid Edge SE2022:** V222.0 Update 13
- **Solid Edge SE2023:** V223.0 Update 4
- **Teamcenter Visualization V13.2:** V13.2.0.15
- **Teamcenter Visualization V13.3:** V13.3.0.11
- **Teamcenter Visualization V14.1:** V14.1.0.11
- **Teamcenter Visualization V14.2:** V14.2.0.5
### Workarounds
- **Restrict File Access:** Avoid opening ASM or TIFF files from untrusted or unknown sources.
- **Principle of Least Privilege:** Run applications with the lowest possible user privileges to limit the impact of potential code execution.
## Detection
- **Indicators of Compromise:** Unexpected application crashes when opening ASM or TIFF files; unusual outbound network traffic from CAD/Visualization processes.
- **Detection Methods:** Monitor for unauthorized process spawns (e.g., `cmd.exe` or `powershell.exe`) originating from `JT2Go.exe`, `Edge.exe`, or Teamcenter binaries.
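
One way to implement the process-spawn check described above, as an added example that is not part of the advisory or of any Siemens tooling. It assumes process-creation events keyed with Sysmon Event ID 1 field names, and goes slightly beyond direct parent matching by following `ProcessGuid` ancestry; the sample events, paths and GUIDs are constructed.

```python
import ntpath

# Parent names come from the Detection section. Teamcenter Visualization binary
# names are not given on the page; add them from your own software inventory.
WATCHED_PARENTS = {"jt2go.exe", "edge.exe"}
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe"}  # the page's examples


def _name(path):
    """Lower-cased file name of a Windows path ('' if the field is missing)."""
    return ntpath.basename(path or "").lower()


def find_suspicious_spawns(events, watched=WATCHED_PARENTS,
                           suspicious=SUSPICIOUS_CHILDREN):
    """Return (root_app, child_name, command_line) for each suspicious process
    descended from a watched application. `events` are process-creation
    records in time order; ancestry is tracked by ProcessGuid, so a shell
    started through an intermediate process is still attributed."""
    root_of = {}  # ProcessGuid -> watched application it descends from
    alerts = []
    for ev in events:
        parent = _name(ev.get("ParentImage"))
        root = parent if parent in watched else root_of.get(ev.get("ParentProcessGuid"))
        if root is None:
            continue  # not a descendant of a watched application
        if ev.get("ProcessGuid"):
            root_of[ev["ProcessGuid"]] = root
        child = _name(ev.get("Image"))
        if child in suspicious:
            alerts.append((root, child, ev.get("CommandLine", "")))
    return alerts

# Constructed sample events (illustrative paths and GUIDs, not real telemetry).
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"ProcessGuid": "{A1}", "ParentProcessGuid": "{00}",
     "Image": r"C:\Apps\JT2Go.exe", "ParentImage": r"C:\Windows\explorer.exe"},
    {"ProcessGuid": "{B2}", "ParentProcessGuid": "{A1}", "CommandLine": "cmd.exe",
     "Image": r"C:\Windows\System32\cmd.exe", "ParentImage": r"C:\Apps\JT2Go.exe"},
    {"ProcessGuid": "{C3}", "ParentProcessGuid": "{B2}", "CommandLine": "powershell.exe",
     "Image": PS, "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"ProcessGuid": "{D4}", "ParentProcessGuid": "{00}", "CommandLine": "powershell.exe",
     "Image": PS, "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for alert in find_suspicious_spawns(SAMPLE_EVENTS):
        print(alert)
```

On the sample data this flags the `cmd.exe` started by `JT2Go.exe` and the `powershell.exe` started from that `cmd.exe`, while the PowerShell session launched from `explorer.exe` is ignored.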
## References
- **Vendor Advisory:** hxxps://cert-portal[.]siemens[.]com/productcert/pdf/ssa-131450[.]pdf
- **Siemens Support:** hxxps://support[.]sw[.]siemens[.]com/
- **MITRE CWE:** hxxps://cwe[.]mitre[.]org/