PatchSiren cyber security CVE debrief
CVE-2024-45471 Siemens CVE debrief
CVE-2024-45471 is a high-severity out-of-bounds write vulnerability in Siemens Teamcenter Visualization affecting versions V14.2, V14.3, and V2312. The flaw exists in the parsing of specially crafted WRL (VRML) files, which can trigger memory corruption and allow an attacker to execute arbitrary code within the context of the current process. This vulnerability requires local access and user interaction, as the victim must open a malicious file. The issue was disclosed on December 10, 2024, with a revision on May 6, 2025, to correct typographical errors. Siemens has released patched versions for all affected product lines.
- Vendor: Siemens
- Product: Tecnomatix Plant Simulation V2302
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-08
- Original CVE updated: 2025-05-06
- Advisory published: 2024-10-08
- Advisory updated: 2025-05-06
Who should care
Organizations using Siemens Teamcenter Visualization for CAD data visualization, particularly in industrial and manufacturing environments. Security teams responsible for OT/ICS asset protection, CAD administrators, and end-users who routinely work with WRL format files.
Technical summary
The vulnerability stems from improper bounds checking during WRL (Virtual Reality Modeling Language) file parsing in Teamcenter Visualization. A malformed WRL file can trigger an out-of-bounds write, corrupting heap memory. Successful exploitation yields code execution with the privileges of the user running the application. The attack vector is local, requiring the attacker to deliver a malicious file and convince the user to open it. No network-based exploitation path is indicated.
Defensive priority
HIGH
Recommended defensive actions
- Update Teamcenter Visualization V14.2 to version 14.2.0.14 or later
- Update Teamcenter Visualization V14.3 to version 14.3.0.12 or later
- Update Teamcenter Visualization V2312 to version V2312.0008 or later
- Implement application whitelisting to prevent execution of untrusted WRL file parsers
- Train users to avoid opening WRL files from untrusted sources
- Consider network segmentation for systems running affected visualization software
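The three update thresholds above can be checked against a software inventory. The following is an added example, not code from Siemens or from this page; it assumes the installed build is available as a string such as `14.2.0.9` or `V2312.0007`, and the hostnames and builds in the sample inventory are constructed.

```python
import re

# Fixed releases from the remediation list above, keyed by product line.
FIXED = {
    "14.2": (14, 2, 0, 14),   # V14.2  -> 14.2.0.14 or later
    "14.3": (14, 3, 0, 12),   # V14.3  -> 14.3.0.12 or later
    "2312": (2312, 8),        # V2312  -> V2312.0008 or later
}

def parse_version(text):
    """Parse '14.2.0.9', 'V14.3.0.12' or 'V2312.0008' into a tuple of ints."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def product_line(version):
    """Map a parsed version to one of the three affected lines, or None."""
    if version[0] == 2312:
        return "2312"
    if version[0] == 14 and len(version) > 1:
        line = f"14.{version[1]}"
        return line if line in FIXED else None
    return None

def classify(text):
    """Return 'vulnerable', 'patched' or 'not-listed' for one version string."""
    version = parse_version(text)
    line = product_line(version)
    if line is None:
        return "not-listed"   # outside V14.2/V14.3/V2312; this page gives no fix level
    # Tuple comparison is numeric per field, so 0008 == 8 and 14.2.0.9 < 14.2.0.14.
    return "patched" if version >= FIXED[line] else "vulnerable"

def hosts_to_patch(inventory):
    """Hosts whose installed build is below the fixed release for its line."""
    return [host for host, ver in inventory if classify(ver) == "vulnerable"]

# Constructed inventory: hostnames and builds are made up for the example.
SAMPLE_INVENTORY = [
    ("cad-ws-01", "14.2.0.9"),
    ("cad-ws-02", "V14.3.0.12"),
    ("cad-ws-03", "V2312.0007"),
    ("cad-ws-04", "V2312.0008"),
    ("cad-ws-05", "14.1.0.3"),
]

if __name__ == "__main__":
    for host, ver in SAMPLE_INVENTORY:
        print(f"{host:10} {ver:12} {classify(ver)}")
```

Comparing the builds as plain strings would rank `14.2.0.9` above `14.2.0.14` and miss the first host, which is why the fields are compared as integers.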
Evidence notes
Vulnerability confirmed through CISA ICS advisory ICSA-24-347-09 and Siemens security advisory SSA-645131. CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Official resources
- CVE-2024-45471 CVE record (CVE.org)
- CVE-2024-45471 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-12-10