PatchSiren cyber security CVE debrief
CVE-2024-45467 Siemens CVE debrief
A memory corruption vulnerability in Siemens Teamcenter Visualization allows code execution when parsing malicious WRL files. The flaw, published December 10, 2024, carries a HIGH severity CVSS 3.1 score of 7.8. Attackers can exploit this by convincing users to open crafted WRL files, resulting in arbitrary code execution within the current process context. Siemens has released patched versions for affected product lines.
- Vendor: Siemens
- Product: Tecnomatix Plant Simulation V2302
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-08
- Original CVE updated: 2025-05-06
- Advisory published: 2024-10-08
- Advisory updated: 2025-05-06
Who should care
Organizations using Siemens Teamcenter Visualization for CAD data management and 3D visualization, particularly in industrial and manufacturing environments. Security teams responsible for OT/ICS asset protection, CAD administrators, and engineers who exchange WRL files with external partners should prioritize patching and user awareness measures.
Technical summary
CVE-2024-45467 is a memory corruption vulnerability in Siemens Teamcenter Visualization affecting versions V14.2, V14.3, and V2312. The flaw occurs during parsing of specially crafted WRL (VRML) files, which can trigger memory corruption and lead to arbitrary code execution in the context of the current process. The vulnerability requires local access with user interaction (opening a malicious file), but requires no privileges and has low attack complexity. The CVSS 3.1 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating high impacts to confidentiality, integrity, and availability. Siemens has released specific patched versions for each affected product line. CISA recommends defense-in-depth strategies for industrial control systems running affected software.
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor patches: Update Teamcenter Visualization V14.2 to V14.2.0.14 or later, V14.3 to V14.3.0.12 or later, and V2312 to V2312.0008 or later
- Implement user awareness training to avoid opening untrusted WRL files from unknown sources
- Consider application sandboxing or restricted execution environments for CAD visualization tools
- Deploy endpoint detection and response (EDR) solutions to monitor for anomalous process behavior in visualization applications
- Review and restrict file type associations for WRL files in enterprise environments to prevent accidental execution
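To support the patching action above, the following added example (not Siemens or CISA code) classifies installed Teamcenter Visualization version strings against the fixed releases listed on this page. It assumes versions are dot-separated numbers compared component by component; the host names and inventory entries are constructed, and how the version string is collected from each host is outside its scope.

```python
import re

# Fixed releases per affected product line, taken from the actions listed above.
FIXED = {
    (14, 2): (14, 2, 0, 14),   # V14.2.0.14
    (14, 3): (14, 3, 0, 12),   # V14.3.0.12
    (2312,): (2312, 8),        # V2312.0008
}

def parse_version(text):
    """Turn 'V14.2.0.14' or '2312.0008' into a tuple of ints; None if malformed."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))

def classify(text):
    """Return 'patched', 'vulnerable', 'not-listed' or 'unparseable'."""
    version = parse_version(text)
    if version is None:
        return "unparseable"
    for line, fixed in FIXED.items():
        if version[:len(line)] == line:
            # Pad the shorter tuple with zeros so 'V14.2' compares as 14.2.0.0.
            width = max(len(version), len(fixed))
            pad = lambda v: v + (0,) * (width - len(v))
            return "patched" if pad(version) >= pad(fixed) else "vulnerable"
    return "not-listed"  # outside the product lines this page names

def hosts_to_update(inventory):
    """Hosts that are vulnerable, plus unparseable entries needing manual review."""
    return [host for host, ver in inventory
            if classify(ver) in ("vulnerable", "unparseable")]

# Constructed sample inventory (hypothetical host names and versions).
SAMPLE = [
    ("cad-ws-01", "V14.2.0.13"),
    ("cad-ws-02", "V14.3.0.12"),
    ("cad-ws-03", "V2312.0007"),
    ("cad-ws-04", "2312.0008"),
    ("cad-ws-05", "V14.1.0.9"),
    ("cad-ws-06", "unknown"),
]

if __name__ == "__main__":
    for host, ver in SAMPLE:
        print(f"{host:10} {ver:12} {classify(ver)}")
```

Entries reported as not-listed fall outside V14.2, V14.3, and V2312 and should be checked against the vendor advisory rather than assumed safe.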
Evidence notes
The vulnerability was disclosed by CISA in advisory ICSA-24-347-09 on December 10, 2024, with a revision on May 6, 2025 to fix typos. The source is a government advisory (CISA CSAF) with high confidence vendor attribution to Siemens. The vulnerability affects parsing of WRL (VRML) files, a 3D graphics format used in CAD visualization workflows.
Official resources
- CVE-2024-45467 CVE record (CVE.org)
- CVE-2024-45467 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-12-10