CVE-2021-27396: 
Siemens Tecnomatix Plant Simulation vulnerability analysis and mitigation

A stack-based buffer overflow vulnerability (CVE-2021-27396) was identified in Siemens Tecnomatix Plant Simulation (all versions prior to V16.0.5). The vulnerability exists in the PlantSimCore.dll library due to improper validation of user-supplied data when parsing SPP files. This is a different vulnerability than CVE-2021-27398. The vulnerability was discovered by Francis Provencher working with Trend Micro's Zero Day Initiative and was disclosed on May 13, 2021 (ZDI Advisory, CISA Advisory).

The vulnerability stems from a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer in the PlantSimCore.dll library when parsing SPP files. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 HIGH with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (CISA Advisory).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current process. The vulnerability affects confidentiality, integrity, and availability of the system, with potential for complete compromise of the affected component (ZDI Advisory).

Siemens has released version 16.0.5 to address this vulnerability. Users are recommended to update to this version or later. Additionally, Siemens advises not to open untrusted SPP files from unknown sources. As general security measures, Siemens recommends protecting network access with appropriate mechanisms and configuring the environment according to operational guidelines for industrial security (CISA Advisory).