CVE-2022-46347: CWE-787: Out-of-bounds Write in Siemens Parasolid V33.1
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)
AI Analysis
Technical Summary
CVE-2022-46347 is a medium-severity vulnerability classified as an out-of-bounds write (CWE-787) affecting Siemens Parasolid versions prior to V33.1.264, V34.0 prior to V34.0.252, V34.1 prior to V34.1.242, V35.0 prior to V35.0.170, and Solid Edge SE2022 and SE2023 versions before specific updates. Parasolid is a widely used geometric modeling kernel embedded in various CAD (Computer-Aided Design) applications, including Siemens' Solid Edge. The vulnerability arises during the parsing of specially crafted X_B files, a file format used for 3D model data exchange. Specifically, the flaw allows an out-of-bounds write past the end of an allocated structure, which can corrupt memory and potentially enable an attacker to execute arbitrary code within the context of the affected process. This type of vulnerability is particularly dangerous because it can lead to remote code execution if an attacker can convince a user or system to open or process a maliciously crafted X_B file. Exploitation does not require prior authentication but does require the victim to load or process the malicious file, implying user interaction or automated processing of untrusted files. No known public exploits have been reported in the wild as of the publication date, but the technical nature of the vulnerability and the critical role of Parasolid in CAD workflows make it a significant risk. Siemens has not provided explicit patch links in the provided data, but updates beyond the specified versions presumably address the issue. The vulnerability impacts confidentiality, integrity, and availability by enabling code execution, potentially leading to data theft, manipulation, or denial of service within engineering and design environments.
Potential Impact
For European organizations, especially those in manufacturing, automotive, aerospace, and industrial design sectors, this vulnerability poses a substantial risk. Parasolid is integral to many CAD tools used in product design and development, and exploitation could allow attackers to compromise design intellectual property, disrupt engineering workflows, or implant persistent threats within critical infrastructure. The ability to execute code remotely via crafted files could lead to lateral movement within corporate networks, data exfiltration, or sabotage of design data. Given Europe's strong industrial base and reliance on Siemens products, the impact could extend to supply chain disruptions and economic consequences. Additionally, compromised CAD files could propagate malware or corrupted designs downstream, affecting partners and customers. The vulnerability could also be leveraged in targeted attacks against high-value engineering projects or critical infrastructure sectors, increasing the risk of espionage or sabotage.
Mitigation Recommendations
Organizations should prioritize updating Siemens Parasolid and Solid Edge products to versions at or above the fixed releases (e.g., V33.1.264 or later). In the absence of immediate patching, implement strict file validation and sandboxing for X_B file processing to prevent malicious files from executing code in trusted environments. Employ network segmentation to isolate engineering workstations and restrict access to file-sharing services where X_B files are exchanged. Use endpoint detection and response (EDR) tools to monitor for anomalous behavior indicative of exploitation attempts. Educate users about the risks of opening untrusted CAD files and enforce policies to verify file provenance. Additionally, consider disabling or restricting automatic processing of X_B files in workflows where feasible. Regularly audit and monitor CAD software usage and update asset inventories to ensure vulnerable versions are identified and remediated promptly. Collaborate with Siemens support channels to obtain official patches and advisories.
Affected Countries
Germany, France, Italy, United Kingdom, Netherlands, Sweden, Belgium, Spain, Finland, Austria
CVE-2022-46347: CWE-787: Out-of-bounds Write in Siemens Parasolid V33.1
Description
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)
AI-Powered Analysis
Technical Analysis
CVE-2022-46347 is a medium-severity vulnerability classified as an out-of-bounds write (CWE-787) affecting Siemens Parasolid versions prior to V33.1.264, V34.0 prior to V34.0.252, V34.1 prior to V34.1.242, V35.0 prior to V35.0.170, and Solid Edge SE2022 and SE2023 versions before specific updates. Parasolid is a widely used geometric modeling kernel embedded in various CAD (Computer-Aided Design) applications, including Siemens' Solid Edge. The vulnerability arises during the parsing of specially crafted X_B files, a file format used for 3D model data exchange. Specifically, the flaw allows an out-of-bounds write past the end of an allocated structure, which can corrupt memory and potentially enable an attacker to execute arbitrary code within the context of the affected process. This type of vulnerability is particularly dangerous because it can lead to remote code execution if an attacker can convince a user or system to open or process a maliciously crafted X_B file. Exploitation does not require prior authentication but does require the victim to load or process the malicious file, implying user interaction or automated processing of untrusted files. No known public exploits have been reported in the wild as of the publication date, but the technical nature of the vulnerability and the critical role of Parasolid in CAD workflows make it a significant risk. Siemens has not provided explicit patch links in the provided data, but updates beyond the specified versions presumably address the issue. The vulnerability impacts confidentiality, integrity, and availability by enabling code execution, potentially leading to data theft, manipulation, or denial of service within engineering and design environments.
Potential Impact
For European organizations, especially those in manufacturing, automotive, aerospace, and industrial design sectors, this vulnerability poses a substantial risk. Parasolid is integral to many CAD tools used in product design and development, and exploitation could allow attackers to compromise design intellectual property, disrupt engineering workflows, or implant persistent threats within critical infrastructure. The ability to execute code remotely via crafted files could lead to lateral movement within corporate networks, data exfiltration, or sabotage of design data. Given Europe's strong industrial base and reliance on Siemens products, the impact could extend to supply chain disruptions and economic consequences. Additionally, compromised CAD files could propagate malware or corrupted designs downstream, affecting partners and customers. The vulnerability could also be leveraged in targeted attacks against high-value engineering projects or critical infrastructure sectors, increasing the risk of espionage or sabotage.
Mitigation Recommendations
Organizations should prioritize updating Siemens Parasolid and Solid Edge products to versions at or above the fixed releases (e.g., V33.1.264 or later). In the absence of immediate patching, implement strict file validation and sandboxing for X_B file processing to prevent malicious files from executing code in trusted environments. Employ network segmentation to isolate engineering workstations and restrict access to file-sharing services where X_B files are exchanged. Use endpoint detection and response (EDR) tools to monitor for anomalous behavior indicative of exploitation attempts. Educate users about the risks of opening untrusted CAD files and enforce policies to verify file provenance. Additionally, consider disabling or restricting automatic processing of X_B files in workflows where feasible. Regularly audit and monitor CAD software usage and update asset inventories to ensure vulnerable versions are identified and remediated promptly. Collaborate with Siemens support channels to obtain official patches and advisories.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- siemens
- Date Reserved
- 2022-11-30T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d984bc4522896dcbf830a
Added to database: 5/21/2025, 9:09:31 AM
Last enriched: 6/20/2025, 10:50:11 AM
Last updated: 8/17/2025, 12:04:24 AM
Views: 9
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR
CriticalCVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.