CVE-2021-27398: 
Siemens Tecnomatix Plant Simulation vulnerability analysis and mitigation

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5) where the PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This vulnerability (CVE-2021-27398) was discovered by Francis Provencher working with Trend Micro's Zero Day Initiative and disclosed on May 13, 2021. The vulnerability could result in a stack-based buffer overflow, which is distinct from CVE-2021-27396 (ZDI Advisory, CISA Advisory).

The vulnerability is classified as a stack-based buffer overflow (CWE-121) with a CVSS v3.1 base score of 7.8 HIGH (Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The specific flaw exists within the parsing of SPP files, where the PlantSimCore.dll library fails to properly validate the length of user-supplied data before copying it to a stack-based buffer (CISA Advisory, ZDI Advisory).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current process, potentially leading to complete system compromise with the same privileges as the vulnerable application (ZDI Advisory).

Siemens has released version 16.0.5 as a fix for this vulnerability. Users are recommended to update to this version or later. Additionally, users should not open untrusted SPP files from unknown sources. Siemens also recommends protecting network access to devices with appropriate mechanisms and configuring the environment according to their operational guidelines for industrial security (CISA Advisory).