CVE-2022-46348: CWE-787: Out-of-bounds Write in Siemens Parasolid V33.1
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)
AI Analysis
Technical Summary
CVE-2022-46348 is a security vulnerability identified in Siemens Parasolid versions prior to V33.1.264, V34.0 prior to V34.0.252, V34.1 prior to V34.1.242, V35.0 prior to V35.0.170, as well as in Solid Edge SE2022 and SE2023 versions before V223.0Update2. The vulnerability is classified as CWE-787, an out-of-bounds write, which occurs when the software writes data past the boundary of an allocated memory buffer. Specifically, this vulnerability arises during the parsing of specially crafted X_B files, a file format used by Parasolid for 3D modeling data exchange. An attacker who crafts a malicious X_B file can trigger an out-of-bounds write past the end of an allocated structure, potentially leading to arbitrary code execution within the context of the affected process. This means that if an attacker can convince a user or system to open or process a malicious X_B file, they could execute code with the privileges of the application using Parasolid, potentially leading to system compromise or further lateral movement within a network. The vulnerability does not require user authentication but does require that the vulnerable application processes the malicious file. As of the publication date, no known exploits have been observed in the wild, and Siemens has released updates to address the issue in the specified versions. However, the absence of public exploits does not preclude the risk, especially in environments where Parasolid and Solid Edge are widely used for CAD and engineering workflows.
Potential Impact
For European organizations, particularly those in manufacturing, automotive, aerospace, and engineering sectors that rely heavily on Siemens Parasolid and Solid Edge software for 3D modeling and CAD design, this vulnerability poses a significant risk. Exploitation could lead to unauthorized code execution, potentially compromising intellectual property, disrupting design workflows, or enabling further attacks on corporate networks. Given the critical role of CAD software in product development and industrial design, any compromise could result in operational downtime, loss of sensitive design data, and damage to competitive advantage. Additionally, organizations involved in critical infrastructure or defense contracting may face heightened risks due to the strategic importance of their design data. The vulnerability's ability to execute code without authentication and without requiring extensive user interaction (beyond opening or processing a malicious file) increases the attack surface, especially in environments where files are exchanged between partners or downloaded from untrusted sources. The medium severity rating reflects the balance between the need for user interaction and the potential for significant impact on confidentiality, integrity, and availability of critical design data and systems.
Mitigation Recommendations
1. Immediate application of Siemens' patches and updates to all affected versions of Parasolid and Solid Edge is the most effective mitigation. Organizations should verify their software versions and prioritize updates accordingly. 2. Implement strict file validation and sandboxing for X_B files, especially those received from external or untrusted sources, to prevent malicious files from being processed directly by vulnerable software. 3. Employ network segmentation and access controls to limit the exposure of systems running Parasolid and Solid Edge, reducing the risk of lateral movement if exploitation occurs. 4. Educate users and engineers about the risks of opening files from untrusted sources and establish secure file exchange protocols, including scanning files with advanced malware detection tools before use. 5. Monitor systems for unusual behavior or crashes related to Parasolid or Solid Edge processes, which could indicate attempted exploitation. 6. Consider application whitelisting and endpoint protection solutions that can detect or block anomalous code execution within CAD software processes. 7. Maintain regular backups of critical design data to enable recovery in case of compromise or ransomware attacks leveraging this vulnerability.
Affected Countries
Germany, France, Italy, United Kingdom, Netherlands, Sweden, Belgium, Spain, Poland, Czech Republic
CVE-2022-46348: CWE-787: Out-of-bounds Write in Siemens Parasolid V33.1
Description
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)
AI-Powered Analysis
Technical Analysis
CVE-2022-46348 is a security vulnerability identified in Siemens Parasolid versions prior to V33.1.264, V34.0 prior to V34.0.252, V34.1 prior to V34.1.242, V35.0 prior to V35.0.170, as well as in Solid Edge SE2022 and SE2023 versions before V223.0Update2. The vulnerability is classified as CWE-787, an out-of-bounds write, which occurs when the software writes data past the boundary of an allocated memory buffer. Specifically, this vulnerability arises during the parsing of specially crafted X_B files, a file format used by Parasolid for 3D modeling data exchange. An attacker who crafts a malicious X_B file can trigger an out-of-bounds write past the end of an allocated structure, potentially leading to arbitrary code execution within the context of the affected process. This means that if an attacker can convince a user or system to open or process a malicious X_B file, they could execute code with the privileges of the application using Parasolid, potentially leading to system compromise or further lateral movement within a network. The vulnerability does not require user authentication but does require that the vulnerable application processes the malicious file. As of the publication date, no known exploits have been observed in the wild, and Siemens has released updates to address the issue in the specified versions. However, the absence of public exploits does not preclude the risk, especially in environments where Parasolid and Solid Edge are widely used for CAD and engineering workflows.
Potential Impact
For European organizations, particularly those in manufacturing, automotive, aerospace, and engineering sectors that rely heavily on Siemens Parasolid and Solid Edge software for 3D modeling and CAD design, this vulnerability poses a significant risk. Exploitation could lead to unauthorized code execution, potentially compromising intellectual property, disrupting design workflows, or enabling further attacks on corporate networks. Given the critical role of CAD software in product development and industrial design, any compromise could result in operational downtime, loss of sensitive design data, and damage to competitive advantage. Additionally, organizations involved in critical infrastructure or defense contracting may face heightened risks due to the strategic importance of their design data. The vulnerability's ability to execute code without authentication and without requiring extensive user interaction (beyond opening or processing a malicious file) increases the attack surface, especially in environments where files are exchanged between partners or downloaded from untrusted sources. The medium severity rating reflects the balance between the need for user interaction and the potential for significant impact on confidentiality, integrity, and availability of critical design data and systems.
Mitigation Recommendations
1. Immediate application of Siemens' patches and updates to all affected versions of Parasolid and Solid Edge is the most effective mitigation. Organizations should verify their software versions and prioritize updates accordingly. 2. Implement strict file validation and sandboxing for X_B files, especially those received from external or untrusted sources, to prevent malicious files from being processed directly by vulnerable software. 3. Employ network segmentation and access controls to limit the exposure of systems running Parasolid and Solid Edge, reducing the risk of lateral movement if exploitation occurs. 4. Educate users and engineers about the risks of opening files from untrusted sources and establish secure file exchange protocols, including scanning files with advanced malware detection tools before use. 5. Monitor systems for unusual behavior or crashes related to Parasolid or Solid Edge processes, which could indicate attempted exploitation. 6. Consider application whitelisting and endpoint protection solutions that can detect or block anomalous code execution within CAD software processes. 7. Maintain regular backups of critical design data to enable recovery in case of compromise or ransomware attacks leveraging this vulnerability.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- siemens
- Date Reserved
- 2022-11-30T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d984bc4522896dcbf8312
Added to database: 5/21/2025, 9:09:31 AM
Last enriched: 6/20/2025, 10:49:56 AM
Last updated: 7/26/2025, 10:18:26 PM
Views: 13
Related Threats
CVE-2025-41686: CWE-306 Missing Authentication for Critical Function in Phoenix Contact DaUM
HighCVE-2025-8874: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in litonice13 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations
MediumCVE-2025-8767: CWE-1236 Improper Neutralization of Formula Elements in a CSV File in anwppro AnWP Football Leagues
MediumCVE-2025-8482: CWE-862 Missing Authorization in 10up Simple Local Avatars
MediumCVE-2025-8418: CWE-862 Missing Authorization in bplugins B Slider- Gutenberg Slider Block for WP
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.