CVE-2024-45472: 
Siemens Tecnomatix Plant Simulation vulnerability analysis and mitigation

CVE-2024-45472 is a memory corruption vulnerability discovered in Siemens Teamcenter Visualization and Tecnomatix Plant Simulation products. The vulnerability affects multiple versions including Teamcenter Visualization V14.2 (versions < V14.2.0.14), V14.3 (versions < V14.3.0.12), V2312 (versions < V2312.0008), and Tecnomatix Plant Simulation V2302 (versions < V2302.0016) and V2404 (versions < V2404.0005). The vulnerability was initially disclosed on October 8, 2024, with an update on December 10, 2024 (Siemens Advisory, CISA Advisory).

The vulnerability is classified as an Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119). It occurs while parsing specially crafted WRL files, where the application becomes vulnerable to memory corruption. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and a CVSS v4.0 Base Score of 7.3 with vector string CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (Siemens Advisory).

If successfully exploited, an attacker could leverage this vulnerability in conjunction with other vulnerabilities to execute code in the context of the current process. The vulnerability affects the confidentiality, integrity, and availability of the affected systems (CISA Advisory).

Siemens has released updates to address the vulnerability and recommends users update to the following versions: Teamcenter Visualization V14.2 to V14.2.0.14 or later, V14.3 to V14.3.0.12 or later, V2312 to V2312.0008 or later, Tecnomatix Plant Simulation V2302 to V2302.0016 or later, and V2404 to V2404.0005 or later. As a workaround, users are advised not to open untrusted WRL files in affected applications (Siemens Advisory).