Request a Demo
Rewterz
North Korean APT Kimsuky aka Black Banshee – Active IOCs
November 19, 2024
Rewterz
FormBook Malware – Active IOCs
November 20, 2024

ICS: Multiple Siemens Tecnomatix Plant Simulation Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-52565 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52572 CVSS:7.8

Siemens Tecnomatix Plant Simulation is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system.

CVE-2024-52568 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52571 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52573 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52569 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52574 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52570 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-52567 CVSS:7.8

Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read when parsing a specially crafted WRL file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

  • Code Execution
  • Buffer Overflow

Indicators of Compromise

CVE

  • CVE-2024-52565
  • CVE-2024-52572
  • CVE-2024-52568
  • CVE-2024-52571
  • CVE-2024-52573
  • CVE-2024-52569
  • CVE-2024-52574
  • CVE-2024-52570
  • CVE-2024-52567

Affected Vendors

Siemens

Affected Products

  • Siemens Tecnomatix Plant Simulation V2302
  • Siemens Tecnomatix Plant Simulation V2404

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

Siemens Security Advisory