Full Report
Siemens Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious PAR or ASM files. If a user is tricked into opening a malicious file with the affected products, the application could crash, or arbitrary code could potentially be executed. Siemens has released a new version of Solid Edge SE2024 and recommends updating to the latest version.
Analysis Summary
# Vulnerability: Multiple File Parsing Vulnerabilities in Siemens Solid Edge
## CVE Details
- **CVE ID:** CVE-2024-54093, CVE-2024-54094, CVE-2024-54095
- **CVSS Score:** 7.8 (High) / CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- **CWE:** CWE-122 (Heap-based Buffer Overflow), CWE-191 (Integer Underflow)
## Affected Systems
- **Products:** Siemens Solid Edge SE2024
- **Versions:**
  - All versions prior to V224.0 Update 5 (Affected by CVE-2024-54093, CVE-2024-54094)
  - All versions prior to V224.0 Update 10 (Affected by CVE-2024-54095)
- **Configurations:** Systems where Solid Edge is used to open PAR (Part) or ASM (Assembly) files.
## Vulnerability Description
The vulnerabilities exist in how Siemens Solid Edge parses specific CAD file formats.
- **CVE-2024-54093 & CVE-2024-54094:** These are heap-based buffer overflow flaws triggered during the parsing of ASM and PAR files respectively. An attacker can craft a malicious file that, when read, overwrites memory in the application's heap.
- **CVE-2024-54095:** This is an integer underflow (wraparound) flaw triggered during the parsing of PAR files.
In all three cases, the flaw allows for memory corruption which can lead to a denial-of-service (application crash) or arbitrary code execution in the context of the current process.
## Exploitation
- **Status:** Not exploited (No reports of exploitation in the wild at this time).
- **Complexity:** Low (CVSS 3.1) / Medium (CVSS 4.0).
- **Attack Vector:** Local (Requires a user to open a malicious file).
## Impact
- **Confidentiality:** High (Potential for unauthorized data access via code execution).
- **Integrity:** High (Potential for unauthorized modification of data).
- **Availability:** High (Application crash or system instability).
## Remediation
### Patches
- **Solid Edge SE2024:** Update to V224.0 Update 10 or later to address all listed CVEs. (Note: Update 5 addressed the first two, but Update 10 is required for full remediation.)
### Workarounds
- **Strict File Handling:** Do not open untrusted or suspicious ASM or PAR files.
- **Operational Guidelines:** Follow Siemens' guidelines for Industrial Security and ensure devices are operated in protected IT environments.
## Detection
- **Indicators of Compromise:** Unexpected application crashes when opening specific PAR or ASM files.
- **Detection Methods and Tools:** Monitor for unusual process behavior originating from `solidedge.exe`. Use endpoint detection and response (EDR) tools to identify unauthorized memory writes or suspicious child processes.
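The following Python example is added here and is not from Siemens or the advisory. It applies the two detection ideas above to constructed telemetry, flagging `solidedge.exe` crashes and unexpected child processes and tying each alert to the PAR or ASM file the session was launched with. The event field names, file paths and child-process allowlist are assumptions to adapt to your own EDR export.

```python
import ntpath
import re

TARGET = "solidedge.exe"              # process name as given in the text above
ALLOWED_CHILDREN = {"solidedge.exe"}  # assumption: replace with your own baseline
# Quoted or unquoted path ending in .par/.asm on the launch command line.
CAD_FILE = re.compile(r'"([^"]+\.(?:par|asm))"|(\S+\.(?:par|asm))', re.I)

# Constructed sample telemetry; field names are hypothetical, not a real EDR schema.
EVENTS = [
    {"ts": 100, "host": "cad-01", "kind": "proc_create", "pid": 4120, "ppid": 900,
     "image": r"C:\Apps\SE\solidedge.exe",
     "cmdline": r'solidedge.exe "C:\Users\a\Downloads\bracket.par"'},
    {"ts": 103, "host": "cad-01", "kind": "app_crash", "pid": 4120,
     "image": r"C:\Apps\SE\solidedge.exe"},
    {"ts": 200, "host": "cad-02", "kind": "proc_create", "pid": 5000, "ppid": 880,
     "image": r"C:\Apps\SE\solidedge.exe",
     "cmdline": r"solidedge.exe D:\inbox\frame.asm"},
    {"ts": 205, "host": "cad-02", "kind": "proc_create", "pid": 5044, "ppid": 5000,
     "image": r"C:\Windows\System32\cmd.exe", "cmdline": "cmd.exe"},
    {"ts": 300, "host": "cad-03", "kind": "proc_create", "pid": 610, "ppid": 77,
     "image": r"C:\Apps\SE\solidedge.exe", "cmdline": r"solidedge.exe C:\work\gear.par"},
]

def triage(events):
    """Return (alert, host, process, cad_file) tuples in time order."""
    sessions, alerts = {}, []  # (host, pid) -> CAD file named at launch, if any
    for ev in sorted(events, key=lambda e: e["ts"]):
        name = ntpath.basename(ev["image"]).lower()
        key = (ev["host"], ev["pid"])
        if ev["kind"] == "proc_create":
            parent = (ev["host"], ev.get("ppid"))
            # A non-baseline process spawned by a Solid Edge session.
            if parent in sessions and name not in ALLOWED_CHILDREN:
                alerts.append(("unexpected_child", ev["host"], name, sessions[parent]))
            if name == TARGET:
                m = CAD_FILE.search(ev.get("cmdline", ""))
                # Files opened later via the UI are not on the command line -> None.
                sessions[key] = (m.group(1) or m.group(2)) if m else None
        elif ev["kind"] == "app_crash" and name == TARGET:
            alerts.append(("crash_on_open", ev["host"], name, sessions.get(key)))
    return alerts

if __name__ == "__main__":
    for alert in triage(EVENTS):
        print(alert)
```

Files named in alerts are candidates for quarantine and review; a crash alone is not proof of a malicious file, so treat it as a triage signal.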
## References
- **Vendor Advisory:** hxxps://cert-portal[.]siemens[.]com/productcert/html/ssa-730188.html
- **Support Portal:** hxxps://support[.]sw[.]siemens[.]com/product/246738425/
- **Industrial Security Guidelines:** hxxps://www[.]siemens[.]com/cert/operational-guidelines-industrial-security