

Rewterz Threat Alert – RedLine Stealer – Active IOCs
September 14, 2023
Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities
September 14, 2023
Severity
High
Analysis Summary
CVE-2023-41032 CVSS:7.8
Siemens Parasolid could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing X_T format files. By persuading a victim to open a specially crafted X_T format file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-41033 CVSS:7.8
Siemens Parasolid could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing X_T format files. By persuading a victim to open a specially crafted X_T format file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-41846 CVSS:7.8
Siemens Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption while parsing SPP files. By persuading a victim to open a specially crafted SPP file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38070 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go are vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing WRL files. By persuading a victim to open a specially crafted WRL file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-38071 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go are vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing WRL files. By persuading a victim to open a specially crafted WRL file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-38072 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when parsing WRL files. By persuading a victim to open a specially crafted WRL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38073 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go could allow a remote attacker to execute arbitrary code on the system, caused by type confusion when parsing WRL files. By persuading a victim to open a specially crafted WRL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38074 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go could allow a remote attacker to execute arbitrary code on the system, caused by type confusion when parsing WRL files. By persuading a victim to open a specially crafted WRL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38075 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when parsing WRL files. By persuading a victim to open a specially crafted WRL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38076 CVSS:7.8
Siemens Teamcenter Visualization and JT2Go are vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing WRL files. By persuading a victim to open a specially crafted WRL file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-28831 CVSS:7.5
Siemens SIMATIC products are vulnerable to a denial of service, caused by an integer overflow in ANSI C OPC UA SDK. By sending a specially crafted certificate, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-40732 CVSS:3.9
Siemens QMS Automotive could allow a local authenticated attacker to hijack a user’s session, caused by insufficient session expiration in the QMS.Mobile module. An attacker could exploit this vulnerability using a valid session token to gain access to another user’s session.
CVE-2023-40731 CVSS:5.7
Siemens QMS Automotive could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system.
CVE-2023-40730 CVSS:7.3
Siemens QMS Automotive could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization in the QMS.Mobile module. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication and obtain administrative access.
CVE-2023-40729 CVSS:7.3
Siemens QMS Automotive could allow a remote attacker to conduct machine-in-the-middle attacks, caused by improper implementation of transport layer security. By sniffing the network traffic, an attacker could exploit this vulnerability to gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.
CVE-2023-40728 CVSS:7.3
Siemens QMS Automotive could allow a local attacker to bypass security restrictions, caused by improper protection of sensitive application data in an external storage by the QMS.Mobile module. By altering the content of the application data, an attacker could exploit this vulnerability to bypass security restrictions and execute arbitrary code on the system, or cause a denial of service.
CVE-2023-40727 CVSS:7.8
Siemens QMS Automotive could provide weaker than expected security, caused by the use of a weak cryptographic signature verification schema in the QMS.Mobile module. A local authenticated attacker could exploit this vulnerability to tamper with the application code, and launch further attacks on the system.
CVE-2023-40726 CVSS:8.8
Siemens QMS Automotive could allow a remote authenticated attacker to obtain sensitive information, caused by the insertion of sensitive information into an error message. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-40725 CVSS:4
Siemens QMS Automotive could allow a local attacker to obtain sensitive information, caused by an observable response discrepancy. By sending multiple requests, an attacker could exploit this vulnerability to enumerate valid usernames, and use this information to launch further attacks against the affected system.
CVE-2023-40724 CVSS:7.3
Siemens QMS Automotive could allow a local authenticated attacker to obtain sensitive information, caused by the storage of user credentials in plaintext. By performing a memory dump, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Code Execution
- Denial of Service
- Security Bypass
- Information Disclosure
- Buffer Overflow
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-41032
- CVE-2023-41033
- CVE-2023-41846
- CVE-2023-38070
- CVE-2023-38071
- CVE-2023-38072
- CVE-2023-38073
- CVE-2023-38074
- CVE-2023-38075
- CVE-2023-38076
- CVE-2023-28831
- CVE-2023-40732
- CVE-2023-40731
- CVE-2023-40730
- CVE-2023-40729
- CVE-2023-40728
- CVE-2023-40727
- CVE-2023-40726
- CVE-2023-40725
- CVE-2023-40724
Affected Vendors
Siemens
Affected Products
- Siemens Parasolid 35.0
- Siemens Parasolid 34.1.232
- Siemens Parasolid 35.1
- Siemens Parasolid 36.0
- Siemens Tecnomatix Plant Simulation 2201
- Siemens Tecnomatix Plant Simulation 2302
- Siemens JT2Go 13.1.0
- Siemens Teamcenter Visualization 13.1.0
- Siemens JT2Go 13.2.0
- Siemens Teamcenter Visualization 13.2.0
- Siemens Teamcenter 14.0
- Siemens JT2Go 14.1.0.3
- Siemens Teamcenter Visualization 14.0.0.2
- Siemens Teamcenter Visualization 14.1.0.3
- Siemens JT2Go 14.1.0.4
- Siemens JT2Go 14.2.0.4
- Siemens SIMATIC ET 200 SP Open Controller CPU 1515SP PC2
- Siemens SIMATIC Drive Controller family
- Siemens SIMATIC Cloud Connect 7 CC712 2.0
- Siemens SIMATIC Cloud Connect 7 CC716 2.0
- Siemens QMS Automotive
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.
Siemens Tecnomatix Plant Simulation