Multiple Vulnerabilities in SiemensSolid Edge Could Allow for Arbitrary Code Execution

DESCRIPTION:
Multiple vulnerabilities have been discovered in SiemensSolid Edge, the
most severe of which could allow an attacker to cause an arbitrary code
execution. Siemens Edge is a portfolio of software tools that addresses
various product development processes: 3D design, simulation,
manufacturing and design management. Successful exploitation of the most
severe of these vulnerabilities could allow for arbitrary code
execution. Depending on the privileges associated with the user, an
attacker could then view or modify data, as well as take full control of
the system.

IMPACT:
Multiple vulnerabilities have been discovered in SiemensSolid Edge, the
most severe of which could allow for arbitrary code execution in the
context of the system.

Details of the vulnerabilities are as follows:

* Application contains a use-after-free vulnerability that could cause
arbitrary code execution. (CVE-2021-37202)
* Application contains an out-of-bounds read while parsing user supplied
IFC files which could result in a denial-of-service condition or reading
of sensitive information from memory. (CVE-2021-37203)
* Application is vulnerable to an out of bounds read past the end of an
allocated buffer when parsing JT files which leads to information leak.
(CVE-2021-41533, CVE-2021-41534)
* Application contains a use-after-free vulnerability while parsing OBJ
files which leads to arbitrary code execution. (CVE-2021-41535,
CVE-2021-41536, CVE-2021-41537)
* Application is vulnerable to information disclosure by unexpected
access to an uninitialized pointer while parsing user-supplied OBJ files
which leads to information leak. (CVE-2021-41538)
* Application contains a use-after-free vulnerability while parsing OBJ
files which leads to arbitrary code execution. (CVE-2021-41539,
CVE-2021-41540)

Successful exploitation of the most severe of these vulnerabilities
could allow an attacker to execute arbitrary code in the context of the
system. Depending on the privileges associated with the user, an
attacker could then view or modify data, as well as take full control of
the system.

SYSTEM AFFECTED:
* Solid Edge SE2021: All versions prior to SE2021MP8

RECOMMENDATIONS:
We recommend the following actions be taken:

* Install the updates provided by Siemens immediately after appropriate
testing.
* Verify that all hosts with a public IP do not have open ports unless
absolutely necessary.
* Apply the Principle of Least Privilege to all systems and services.
* Avoid opening files from unknown sources in Solid Edge.

REFERENCES:
https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf

Published: 28 December 2021, 11:65:09 BST

Share