CVE-2024-23803: 
Siemens Tecnomatix Plant Simulation vulnerability analysis and mitigation

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions) and Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The vulnerability (CVE-2024-23803) is characterized by an out-of-bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This vulnerability was discovered and reported to Siemens, who published the advisory on February 13, 2024 (Siemens Advisory).

The vulnerability is classified as an out-of-bounds write (CWE-787) vulnerability. It has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H and a CVSS v4.0 Base Score of 7.3 with the vector string CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (Siemens Advisory, CISA Advisory).

If successfully exploited, this vulnerability could allow an attacker to execute code in the context of the current process. The vulnerability requires user interaction, specifically opening a malicious SPP file using Tecnomatix Plant Simulation (Siemens Advisory).

For Tecnomatix Plant Simulation V2302, users should update to V2302.0007 or later version. For V2201, no fix is currently planned. Siemens recommends not opening untrusted SPP files using Tecnomatix Plant Simulation. Additionally, users should protect network access to devices with appropriate mechanisms and configure the environment according to Siemens' operational guidelines for Industrial Security (Siemens Advisory).