Full Report
PS/IGES Parasolid Translator Component contains multiple file parsing vulnerabilities that could be triggered when the application reads files in the IGS file format. If a user is tricked into opening a malicious file with any of the affected products, the application could crash, or the file could potentially lead to arbitrary code execution. Siemens has released a new version of PS/IGES Parasolid Translator Component and recommends updating to the latest version.
Analysis Summary
# Vulnerability: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component
## CVE Details
- CVE ID: CVE-2024-32055, CVE-2024-32057, CVE-2024-32058, CVE-2024-32059, CVE-2024-32060, CVE-2024-32061, CVE-2024-32062, CVE-2024-32063, CVE-2024-32064, CVE-2024-32065, CVE-2024-32066 (Multiple vulnerabilities)
- CVSS Score: 7.8 (CVSS 3.1) / 7.3 (CVSS 4.0) (High)
- CWE: CWE-125 (Out-of-bounds Read - for several CVEs), CWE-843 (Type Confusion - for CVE-2024-32057)
## Affected Systems
- Products: PS/IGES Parasolid Translator Component
- Versions: All versions **< V27.1.215**
- Configurations: Triggered when the application reads files in the IGS file format.
## Vulnerability Description
Multiple file parsing vulnerabilities exist within the PS/IGES Parasolid Translator Component when processing specially crafted IGS files. These flaws include **Out-of-bounds Reads** (CWE-125) and **Type Confusion** (CWE-843). Successful exploitation can lead to application crashes or potentially **arbitrary code execution** in the context of the current process.
For specific CVEs:
* **CVE-2024-32055, -32065, -32066**: Out-of-bounds Read past the end of an allocated structure.
* **CVE-2024-32057**: Type confusion vulnerability.
* **CVE-2024-32058**: Memory corruption vulnerability.
(Similar descriptions apply to the other listed CVEs, which concern parsing IGS files leading to code execution.)
## Exploitation
- Status: Because the attack requires the user to open a malicious file, it is likely that a **PoC is available** from the security researchers who disclosed the findings (e.g., ZDI, Michael Heinzl). Details on active exploitation in the wild are not specified, but the potential for code execution suggests a high risk.
- Complexity: **Low** to **Medium** (Requires initial user interaction to open a specific file format).
- Attack Vector: **Local** (Requires the attacker to deliver the malicious IGS file to the user, typically via phishing or file sharing).
## Impact
- Confidentiality: **High** (Due to potential arbitrary code execution)
- Integrity: **High** (Due to potential arbitrary code execution)
- Availability: **High** (Crash/Denial of Service possible)
## Remediation
### Patches
- Update PS/IGES Parasolid Translator Component to **V27.1.215 or later version**.
- Vendor remediation update link: `https://ftp-cambridge.ugs.com/`
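
A version triage for the fix threshold above, as an added example that is not from Siemens or the original report. It assumes an inventory of (host, version) pairs whose versions follow the `V27.1.215` pattern; the host names and sample versions are constructed. Components are compared numerically because a plain string comparison ranks `V27.1.99` above `V27.1.215` and would hide an affected install.

```python
import re

# Fixed release named in the advisory: anything below this is affected.
FIXED = (27, 1, 215)

# Assumed version format: optional "V" prefix, then three dot-separated integers.
_VERSION_RE = re.compile(r"^[Vv]?(\d+)\.(\d+)\.(\d+)$")


def parse_version(text):
    """Return (major, minor, patch) as ints, or None if the format is not recognised."""
    match = _VERSION_RE.match(text.strip())
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_text):
    """Classify one reported version as 'affected', 'fixed' or 'review'."""
    parsed = parse_version(version_text)
    if parsed is None:
        # Fail closed: an unparseable version is never reported as fixed.
        return "review"
    return "affected" if parsed < FIXED else "fixed"


def triage(inventory):
    """Map each host to its classification; inventory is an iterable of (host, version)."""
    return {host: classify(version) for host, version in inventory}


# Constructed sample inventory (hypothetical host names and version strings).
SAMPLE_INVENTORY = [
    ("cad-ws-01", "V27.1.215"),  # exactly the fixed release
    ("cad-ws-02", "V27.1.99"),   # sorts after 27.1.215 as a string, but is older
    ("cad-ws-03", "27.1.300"),   # no "V" prefix
    ("cad-ws-04", "V26.0.120"),
    ("cad-ws-05", "unknown"),    # inventory agent could not read the version
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts classified as `review` should be checked by hand rather than assumed patched.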
### Workarounds
1. **Do not open untrusted IGS files** using the PS/IGES Parasolid Translator Component.
2. Apply general security recommendations, such as protecting network access to devices using appropriate mechanisms and configuring the environment according to Siemens' operational guidelines for Industrial Security.
## Detection
- Indicators of Compromise (IOCs): Detection would focus on crashes involving the parsing component while handling IGS files, or indications of unauthorized code execution originating from these processes.
- Detection methods and tools: System monitoring tools inspecting process activity for unexpected execution paths or memory corruption signatures when IGS files are processed.
## References
- Vendor Advisories: Siemens Security Advisory SSA-976324
- Siemens ProductCERT main page: `https://www.siemens.com/cert/advisories`
- Relevant links:
  - Portal link detailing advisory: `https://cert-portal.siemens.com/productcert/html/ssa-976324.html`
  - Siemens Industrial Security: `https://www.siemens.com/industrialsecurity`