PatchSiren cyber security CVE debrief
CVE-2024-45465 Siemens CVE debrief
CVE-2024-45465 is a high-severity out-of-bounds read vulnerability in Siemens Teamcenter Visualization affecting versions V14.2, V14.3, and V2312. The flaw occurs when parsing specially crafted WRL (VRML) files, allowing an attacker to execute arbitrary code in the context of the current process. Published by CISA on December 10, 2024, this vulnerability requires local access and user interaction, with an attacker needing to convince a victim to open a malicious file. Siemens has released patched versions for all affected product lines. The vulnerability carries a CVSS 3.1 score of 7.8 (HIGH) with the vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating high impacts to confidentiality, integrity, and availability.
- Vendor: Siemens
- Product: Tecnomatix Plant Simulation V2302
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-08
- Original CVE updated: 2025-05-06
- Advisory published: 2024-10-08
- Advisory updated: 2025-05-06
Who should care
Organizations using Siemens Teamcenter Visualization for product lifecycle management and digital mockup review, particularly in manufacturing, aerospace, automotive, and industrial sectors. Security teams responsible for OT/ICS environments, CAD/CAM system administrators, and engineers who regularly exchange and open WRL/VRML format 3D models should prioritize patching.
Technical summary
The vulnerability exists in the WRL (VRML) file parsing component of Siemens Teamcenter Visualization. An out-of-bounds read past the end of an allocated structure occurs when processing malformed WRL files. This memory safety issue can be exploited to achieve arbitrary code execution within the context of the affected application process. The attack requires local access and user interaction, as the victim must open a maliciously crafted WRL file. The vulnerability affects three product versions: V14.2, V14.3, and V2312, with specific patch versions available for each. The CVSS 3.1 vector indicates local attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impacts across confidentiality, integrity, and availability.
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor patches: Update Teamcenter Visualization V14.2 to V14.2.0.14 or later, V14.3 to V14.3.0.12 or later, and V2312 to V2312.0008 or later.
- Implement user awareness training to prevent opening untrusted WRL files from unknown sources.
- Consider application whitelisting and file type restrictions to block unauthorized WRL file execution.
- Monitor for suspicious file parsing activities in Teamcenter Visualization environments.
- Review and apply CISA ICS recommended practices for defense-in-depth strategies.
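To act on the patch guidance above, the following added example (not part of the advisory or any Siemens tooling) triages an asset inventory against the fixed versions listed in the first action. It assumes installed versions are recorded in the same form the advisory uses (for example `V14.2.0.14` or `V2312.0008`); the host names and inventory rows are constructed.

```python
import re

# Minimum fixed build per release line, taken from the advisory text above.
FIXED = {"V14.2": "V14.2.0.14", "V14.3": "V14.3.0.12", "V2312": "V2312.0008"}

def parse(version):
    """Turn 'V14.3.0.9' or 'v2312.0008' into a tuple of ints, e.g. (14, 3, 0, 9)."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def triage(version):
    """Classify one installed version as 'vulnerable', 'patched' or 'not-listed'."""
    installed = parse(version)
    for line, fixed in FIXED.items():
        prefix = parse(line)
        # Compare numeric components, not strings, so V14.20 is not mistaken for V14.2.
        if installed[:len(prefix)] == prefix:
            # A bare 'V14.2' (unknown patch level) sorts below the fix: vulnerable.
            return "patched" if installed >= parse(fixed) else "vulnerable"
    return "not-listed"

def hosts_to_patch(inventory):
    """Return hosts whose version is vulnerable or could not be parsed."""
    flagged = []
    for host, version in inventory:
        try:
            status = triage(version)
        except ValueError:
            status = "unparsed"  # needs a manual look, so flag it too
        if status in ("vulnerable", "unparsed"):
            flagged.append((host, version, status))
    return flagged

# Constructed sample inventory (hypothetical host names and version strings).
SAMPLE = [
    ("eng-ws-01", "V14.2.0.13"),
    ("eng-ws-02", "V14.3.0.12"),
    ("eng-ws-03", "V2312.0007"),
    ("eng-ws-04", "V2312.0010"),
    ("eng-ws-05", "unknown"),
]

if __name__ == "__main__":
    for row in hosts_to_patch(SAMPLE):
        print(*row)
```

Versions outside the three listed release lines come back as `not-listed` rather than `patched`, so they can be checked against the vendor advisory separately.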
Evidence notes
CISA ICS advisory ICSA-24-347-09 published 2024-12-10; Siemens security advisory SSA-645131; CVSS 3.1 score 7.8 confirmed in source.
Official resources
- CVE-2024-45465 CVE record (CVE.org)
- CVE-2024-45465 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-12-10