PatchSiren

CVE-2024-45468 Siemens CVE debrief

A memory corruption vulnerability exists in Siemens Teamcenter Visualization when parsing specially crafted WRL (VRML) files. An attacker can exploit this flaw to execute arbitrary code within the context of the current process. The vulnerability requires local access and user interaction, with a HIGH severity CVSS 3.1 score of 7.8. Siemens has released security updates for affected versions, and CISA published an advisory on December 10, 2024.

Vendor: Siemens
Product: Tecnomatix Plant Simulation V2302
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-10-08
Original CVE updated: 2025-05-06
Advisory published: 2024-10-08
Advisory updated: 2025-05-06

Who should care

Organizations using Siemens Teamcenter Visualization for product lifecycle management and visualization, particularly in industrial and manufacturing environments, should care. So should security teams responsible for ICS/OT asset protection, system administrators managing Teamcenter deployments, and end users who handle WRL files in visualization workflows.

Technical summary

CVE-2024-45468 is a memory corruption vulnerability in Siemens Teamcenter Visualization affecting WRL (VRML) file parsing. The flaw occurs when the application processes specially crafted WRL files, leading to memory corruption that can be exploited for arbitrary code execution. The vulnerability has a CVSS 3.1 score of 7.8 (HIGH severity) with attack vector LOCAL, attack complexity LOW, privileges required NONE, and user interaction REQUIRED. Successful exploitation grants the attacker HIGH impact across confidentiality, integrity, and availability within the context of the current process. Siemens has released patched versions: V14.2.0.14, V14.3.0.12, and V2312.0008.

Defensive priority

HIGH

Recommended defensive actions

  • Apply vendor security updates: update Teamcenter Visualization V14.2 to V14.2.0.14 or later, V14.3 to V14.3.0.12 or later, or V2312 to V2312.0008 or later
  • Implement user awareness training to avoid opening untrusted WRL files in affected applications
  • Apply defense-in-depth strategies for industrial control system environments per CISA guidance
  • Restrict file execution permissions and implement application whitelisting where feasible
  • Monitor for suspicious WRL file handling activity in affected environments
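
To support the first action above, the following added example (not Siemens or CISA code) triages an inventory of installed Teamcenter Visualization version strings against the fixed releases named in this debrief. The host names and installed versions are constructed sample data, and branches this page does not list are reported as unknown rather than assumed safe.

```python
import re

# Fixed releases per branch, as stated in this debrief.
FIXED = {
    "14.2": (14, 2, 0, 14),    # V14.2.0.14
    "14.3": (14, 3, 0, 12),    # V14.3.0.12
    "2312": (2312, 8),         # V2312.0008
}

def parse_version(text):
    """Turn 'V14.2.0.14' or 'V2312.0008' into a tuple of ints, or None if malformed."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def branch_of(version):
    """Map a parsed version to one of the branches in FIXED, or None."""
    if str(version[0]) in FIXED:                      # single-component branch, e.g. 2312
        return str(version[0])
    if len(version) >= 2:
        key = f"{version[0]}.{version[1]}"            # two-component branch, e.g. 14.2
        return key if key in FIXED else None
    return None

def classify(version_text):
    """Return 'patched', 'vulnerable', or 'unknown' for one installed version string."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"                              # unparseable: needs manual review
    branch = branch_of(version)
    if branch is None:
        return "unknown"                              # branch not covered by this page
    return "patched" if version >= FIXED[branch] else "vulnerable"

def triage(inventory):
    """Classify every host in a {host: version_string} mapping."""
    return {host: classify(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "eng-ws-01": "V14.2.0.13",
    "eng-ws-02": "V14.3.0.12",
    "eng-ws-03": "V2312.0007",
    "eng-ws-04": "V2406.0001",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as unknown should be checked against Siemens advisory SSA-645131 directly.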

Evidence notes

The vulnerability was disclosed by CISA in advisory ICSA-24-347-09 on December 10, 2024, with a revision on May 6, 2025 to fix typos. Siemens published security advisory SSA-645131 with patches for multiple affected versions. The vulnerability affects WRL file parsing functionality in Teamcenter Visualization.

Official resources

2024-12-10