Full Report
Siemens Simcenter Femap and Nastran are affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked into opening a malicious file with any of the affected products, the application could crash, or the file could potentially lead to arbitrary code execution. Siemens has released new versions of the affected products and recommends updating to the latest versions.
Analysis Summary
# Vulnerability: Multiple File Parsing Flaws in Simcenter Femap and Nastran
## CVE Details
- **CVE ID:** CVE-2026-23715, CVE-2026-23716, CVE-2026-23717, CVE-2026-23718, CVE-2026-23719, CVE-2026-23720
- **CVSS Score:**
  - CVSS v3.1: 7.8 (High)
  - CVSS v4.0: 7.3 (High)
- **CWE:**
  - CWE-122: Heap-based Buffer Overflow
  - CWE-125: Out-of-bounds Read
  - CWE-787: Out-of-bounds Write
## Affected Systems
- **Products:**
  - Simcenter Femap
  - Simcenter Nastran
- **Versions:** All versions prior to V2512
- **Configurations:** Systems where users parse NDB or XDB format files.
## Vulnerability Description
The affected applications suffer from multiple memory corruption vulnerabilities (including heap overflows, out-of-bounds reads, and out-of-bounds writes) within their file parsing engines. These flaws are triggered when the application processes specially crafted **NDB** and **XDB** files. An attacker can leverage these memory safety issues to cause a denial-of-service (application crash) or achieve arbitrary code execution in the context of the current process.
## Exploitation
- **Status:** Not currently reported as exploited in the wild; no public PoC mentioned in advisory.
- **Complexity:** Medium (Requires user interaction and a crafted file).
- **Attack Vector:** Local (User must be tricked into opening a malicious file).
## Impact
- **Confidentiality:** High (Potential for arbitrary code execution and memory disclosure).
- **Integrity:** High (Potential for modification of application data).
- **Availability:** High (Application crash or total system compromise).
## Remediation
### Patches
Siemens recommends updating to the latest versions:
- **Simcenter Femap:** Update to V2512 or later.
- **Simcenter Nastran:** Update to V2512 or later.
### Workarounds
- **Strict File Handling:** Do not open untrusted or suspicious **XDB** or **NDB** files.
- **Network Isolation:** Protect network access with appropriate mechanisms and follow Siemens' operational guidelines for Industrial Security.
## Detection
- **Indicators of Compromise:** Unusual application crashes when opening NDB/XDB files or unexpected child processes spawned by the Femap/Nastran binaries.
- **Detection Methods:** Employ file integrity monitoring and endpoint detection and response (EDR) tools to monitor for suspicious process behavior following the opening of CAD/simulation files.
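The two indicators above can be checked against exported process-start and crash telemetry. The sketch below is an added example, not part of the Siemens advisory: the event field names, the image names `femap.exe` and `nastran.exe`, the child allowlist and the five-minute window are all assumptions to adjust to the local install and EDR schema.

```python
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Assumed values, not from the advisory: adjust to the local install.
MONITORED = {"femap.exe", "nastran.exe"}   # assumed image names
EXPECTED_CHILDREN = {"nastran.exe"}        # assumed allowlist of legitimate children
RISKY_EXT = (".ndb", ".xdb")               # the two formats named in the advisory
WINDOW = timedelta(minutes=5)              # assumed crash correlation window

def _name(path):
    return PureWindowsPath(path).name.lower()

def _opens_risky_file(cmdline):
    return any(tok.strip('"').lower().endswith(RISKY_EXT) for tok in cmdline.split())

def triage(events):
    """Return (time, host, reason) findings from process-start and crash events."""
    findings = []
    last_open = {}  # (host, image) -> last time the app was started on an NDB/XDB file
    for ev in sorted(events, key=lambda e: e["time"]):
        t = datetime.fromisoformat(ev["time"])
        image = _name(ev["image"])
        if ev["type"] == "process_start":
            if image in MONITORED and _opens_risky_file(ev["cmdline"]):
                last_open[(ev["host"], image)] = t
            parent = _name(ev["parent"])
            if parent in MONITORED and image not in EXPECTED_CHILDREN:
                findings.append((ev["time"], ev["host"], f"unexpected child {image} of {parent}"))
        elif ev["type"] == "crash" and image in MONITORED:
            opened = last_open.get((ev["host"], image))
            if opened and t - opened <= WINDOW:
                findings.append((ev["time"], ev["host"], f"{image} crashed after opening NDB/XDB file"))
    return findings

# Constructed sample events (not real telemetry); hosts, paths and times are made up.
SAMPLE = [
    {"time": "2026-01-15T09:00:00", "host": "ws01", "type": "process_start", "image": r"C:\Apps\Femap\femap.exe", "parent": r"C:\Windows\explorer.exe", "cmdline": r'"C:\Apps\Femap\femap.exe" "C:\Users\a\Downloads\bracket.ndb"'},
    {"time": "2026-01-15T09:00:40", "host": "ws01", "type": "process_start", "image": r"C:\Windows\System32\cmd.exe", "parent": r"C:\Apps\Femap\femap.exe", "cmdline": "cmd.exe"},
    {"time": "2026-01-15T09:01:10", "host": "ws01", "type": "crash", "image": r"C:\Apps\Femap\femap.exe"},
    {"time": "2026-01-15T10:00:00", "host": "ws02", "type": "process_start", "image": r"C:\Apps\Femap\femap.exe", "parent": r"C:\Windows\explorer.exe", "cmdline": "femap.exe"},
    {"time": "2026-01-15T10:00:30", "host": "ws02", "type": "process_start", "image": r"C:\Apps\Nastran\nastran.exe", "parent": r"C:\Apps\Femap\femap.exe", "cmdline": "nastran.exe job.dat"},
    {"time": "2026-01-15T10:02:00", "host": "ws02", "type": "crash", "image": r"C:\Apps\Femap\femap.exe"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep=" | ")
```

A crash with no preceding NDB/XDB open (host `ws02` in the sample) is deliberately not flagged, so routine instability does not drown out the file-triggered cases.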
## References
- **Vendor Advisory:** hxxps://cert-portal.siemens[.]com/productcert/pdf/ssa-965753.pdf
- **Siemens Support (Femap):** hxxps://support.sw.siemens[.]com/product/275652363/
- **Siemens Support (Nastran):** hxxps://support.sw.siemens[.]com/product/289054037/
- **Industrial Security Guidelines:** hxxps://www.siemens[.]com/cert/operational-guidelines-industrial-security