PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-32635 Siemens CVE debrief

CVE-2024-32635 is a high-severity out-of-bounds read vulnerability in Siemens JT2Go and Teamcenter Visualization products, published 2024-08-13. The flaw occurs when parsing specially crafted X_T (Parasolid) files, allowing an attacker to execute arbitrary code in the context of the current process. The vulnerability affects JT2Go and multiple versions of Teamcenter Visualization (V14.2, V14.3, V2312). Siemens has released patched versions for all affected products, and CISA has issued advisory ICSA-24-228-03 coordinating public disclosure. The attack requires local access with user interaction, but successful exploitation yields complete confidentiality, integrity, and availability compromise.

Vendor: Siemens
Product: JT2Go
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-05-14
Original CVE updated: 2024-05-14
Advisory published: 2024-05-14
Advisory updated: 2024-05-14

Who should care

Organizations using Siemens JT2Go or Teamcenter Visualization for CAD/CAM/CAE workflows, particularly in industrial control system environments, manufacturing, and product lifecycle management. Security teams responsible for engineering workstation protection and supply chain security for design file exchanges.

Technical summary

The vulnerability exists in the X_T (Parasolid) file parsing component of Siemens visualization products. When a malformed X_T file is processed, the parser reads past the end of its buffer into unmapped memory. This memory safety violation can be leveraged to achieve arbitrary code execution in the context of the parsing application, that is, with the privileges of the user who opened the file. The attack surface is limited to local exploitation requiring user interaction (opening a malicious file), but the impact is severe: the CVSS 7.8 (HIGH) score reflects the potential for complete compromise of confidentiality, integrity and availability. The vulnerability is not listed in CISA KEV and no known ransomware campaigns have been attributed to its exploitation.

Defensive priority

HIGH

Recommended defensive actions

  • Update JT2Go to V2312.0005 or later
  • Update Teamcenter Visualization V14.2 to V14.2.0.12 or later
  • Update Teamcenter Visualization V14.3 to V14.3.0.10 or later
  • Update Teamcenter Visualization V2312 to V2312.0005 or later
  • Implement application allow-listing so that X_T files can only be opened by approved, patched parsers
  • Train users to avoid opening X_T files from untrusted sources
  • Consider network segmentation for systems running affected visualization software
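The four update lines above give a concrete minimum build per product line. The following script, added here as an example and not PatchSiren's or Siemens' own tooling, turns those thresholds into an inventory check: it parses the vendor-style version strings (`V14.2.0.12`, `V2312.0005`), maps each installed Teamcenter Visualization build to the product line the advisory names, and reports whether the host is at or above the fixed version. The host inventory is constructed sample data; in practice you would feed in an export from your asset-management or software-inventory system. Versions the debrief does not list (for example a V14.1 build) are reported as out of scope rather than assumed safe.

```python
import re

# Minimum fixed builds exactly as listed in the debrief's recommended actions.
FIXED_VERSIONS = {
    "JT2Go": "V2312.0005",
    "Teamcenter Visualization V14.2": "V14.2.0.12",
    "Teamcenter Visualization V14.3": "V14.3.0.10",
    "Teamcenter Visualization V2312": "V2312.0005",
}

# Constructed sample inventory (host, product, installed version); not real data.
SAMPLE_INVENTORY = [
    ("eng-ws-01", "JT2Go", "V2312.0003"),                      # below fixed build
    ("eng-ws-02", "JT2Go", "V2312.0005"),                      # exactly the fixed build
    ("eng-ws-03", "Teamcenter Visualization", "V14.2.0.11"),   # one build short
    ("eng-ws-04", "Teamcenter Visualization", "V14.3.0.10"),   # fixed
    ("eng-ws-05", "Teamcenter Visualization", "V14.1.0.9"),    # line not named in the advisory
    ("eng-ws-06", "Teamcenter Visualization", "2312.0005"),    # missing 'V' prefix, still parsed
]

VERSION_RE = re.compile(r"V?(\d+(?:\.\d+)*)")


def parse_version(text):
    """'V14.2.0.12' -> (14, 2, 0, 12). The leading 'V' is optional; zero padding is dropped."""
    m = VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def version_at_least(installed, minimum):
    """Component-wise comparison; shorter tuples are right-padded with zeros."""
    a, b = parse_version(installed), parse_version(minimum)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a >= b


def product_line(product, version):
    """Map an installed product/version onto the product lines the advisory names, or None."""
    if product == "JT2Go":
        return "JT2Go"
    if product == "Teamcenter Visualization":
        parts = parse_version(version)
        if parts[0] == 2312:
            return "Teamcenter Visualization V2312"
        if parts[:2] == (14, 2):
            return "Teamcenter Visualization V14.2"
        if parts[:2] == (14, 3):
            return "Teamcenter Visualization V14.3"
    return None


def assess(product, version):
    """Return 'patched', 'vulnerable', 'not in advisory scope' or 'unparseable version'."""
    try:
        line = product_line(product, version)
    except ValueError:
        return "unparseable version"
    if line is None:
        return "not in advisory scope"
    return "patched" if version_at_least(version, FIXED_VERSIONS[line]) else "vulnerable"


def assess_inventory(rows):
    """Annotate each (host, product, version) row with its CVE-2024-32635 patch status."""
    return [(host, product, version, assess(product, version)) for host, product, version in rows]


if __name__ == "__main__":
    for host, product, version, status in assess_inventory(SAMPLE_INVENTORY):
        print(f"{host:<12} {product:<25} {version:<12} {status}")
```

Hosts reported as vulnerable map directly onto the update lines above; hosts reported as out of scope need a manual check against the vendor advisory, since the debrief only names the V14.2, V14.3 and V2312 lines.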

Evidence notes

Vulnerability details are sourced from CISA CSAF advisory ICSA-24-228-03 and Siemens security advisory SSA-856475. Affected products and remediation versions are explicitly listed in the CSAF product tree. The CVSS 3.1 vector confirms a local attack vector with user interaction required.

Official resources

2024-08-13