Full Report
Parasolid is affected by an out of bounds write vulnerability that could be triggered when the application is parsing X_T data or a specially crafted file in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process. Siemens has released new versions for the affected products and recommends to update to the latest versions.
Analysis Summary
# Vulnerability: Out of Bounds Write in Siemens Parasolid
## CVE Details
- **CVE ID:** CVE-2024-54091
- **CVSS Score:** 7.8 (High) - CVSS v3.1 / 7.3 (High) - CVSS v4.0
- **CWE:** CWE-787: Out-of-bounds Write
## Affected Systems
- **Products:** Siemens Parasolid (3D geometric modeling engine)
- **Versions:**
- Parasolid V36.1: All versions prior to V36.1.225
- Parasolid V37.0: All versions prior to V37.0.173
- **Configurations:** Systems utilizing the Parasolid engine to parse X_T (Parasolid XT) data or files.
## Vulnerability Description
The vulnerability exists within the parsing logic of X_T format data. When the application processes a specially crafted X_T file, it fails to properly validate the boundaries of an allocated buffer. This results in an out-of-bounds write past the end of the buffer memory. Technical analysis indicates this flaw can be leveraged to corrupt memory and hijack the execution flow of the application.
## Exploitation
- **Status:** No reports of exploitation in the wild at this time; no public PoC currently cited in advisory.
- **Complexity:** Low (CVSS 3.1) / High (CVSS 4.0 Assessment)
- **Attack Vector:** Local (Requires a user to open a malicious file)
## Impact
- **Confidentiality:** High (Full access to process memory/context)
- **Integrity:** High (Ability to execute arbitrary code)
- **Availability:** High (Potential for application crash or system instability)
## Remediation
### Patches
Siemens recommends updating to the following versions:
- **Parasolid V36.1:** Update to **V36.1.225** or later.
- **Parasolid V37.0:** Update to **V37.0.173** or later.
### Workarounds
- **Restrict File Sources:** Do not open untrusted X_T files or provide untrusted X_T data to applications utilizing the Parasolid engine.
- **User Education:** Ensure users are aware of the risks of social engineering and opening files from unverified external sources.
## Detection
- **Indicators of compromise:** Unusual application crashes when processing X_T files; unexpected outbound network traffic or unauthorized file system changes originating from the Parasolid-associated process.
- **Detection methods and tools:** File integrity monitoring (FIM) for Parasolid binaries and signature-based detection for known malicious X_T file structures if they become available.
## References
- **Siemens Security Advisory:** hxxps://cert-portal[.]siemens[.]com/productcert/html/ssa-979056[.]html
- **Siemens Support Portal:** hxxps://support[.]sw[.]siemens[.]com/product/258316782/
- **Industrial Security Guidelines:** hxxps://www[.]siemens[.]com/cert/operational-guidelines-industrial-security