PatchSiren cyber security CVE debrief
CVE-2024-45473 Siemens CVE debrief
CVE-2024-45473 is a high-severity memory corruption vulnerability in Siemens Teamcenter Visualization affecting versions V14.2, V14.3, and V2312. The flaw occurs during parsing of specially crafted WRL (VRML) files, which could enable code execution in the context of the current process when chained with other vulnerabilities. Published by CISA on December 10, 2024, and last modified on May 6, 2025, this vulnerability carries a CVSS 3.1 score of 7.8 (HIGH). The attack vector is local, requiring user interaction to open a malicious file, but successful exploitation yields high impact across confidentiality, integrity, and availability. Siemens has released patched versions for all affected product lines.
- Vendor: Siemens
- Product: Tecnomatix Plant Simulation V2302
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-08
- Original CVE updated: 2025-05-06
- Advisory published: 2024-10-08
- Advisory updated: 2025-05-06
Who should care
Engineering teams using Siemens Teamcenter Visualization for product lifecycle management and digital mockup review; OT security teams protecting design and manufacturing environments; asset owners in aerospace, automotive, and industrial machinery sectors where Teamcenter Visualization is deployed; incident response teams monitoring for supply chain or design data compromise vectors.
Technical summary
A memory corruption vulnerability exists in Siemens Teamcenter Visualization when parsing malformed WRL (VRML) files. The affected versions are V14.2, V14.3, and V2312. An attacker can craft a malicious WRL file that, when opened by a user, triggers memory corruption. While the base vulnerability alone may not directly enable code execution, CISA and Siemens assess that it can be leveraged in conjunction with other vulnerabilities to achieve arbitrary code execution within the current process context. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) indicates a local attack vector with low attack complexity and no privileges required, but user interaction is necessary. Scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high. Siemens released security advisory SSA-645131 with specific patch versions to remediate this flaw.
Defensive priority
high
Recommended defensive actions
- Apply vendor patches: update Teamcenter Visualization V14.2 to version 14.2.0.14 or later, V14.3 to version 14.3.0.12 or later, and V2312 to version V2312.0008 or later
- Implement user awareness training to prevent opening untrusted WRL files from unknown sources
- Deploy application whitelisting and endpoint protection to restrict execution of unapproved visualization software
- Segment engineering workstations from operational networks to limit lateral movement if compromise occurs
- Monitor for anomalous process behavior in Teamcenter Visualization applications as potential exploitation indicators
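An added example (not code from Siemens, CISA, or this page's source) that applies the fixed-version thresholds from the first action above to a workstation inventory. The version-string formats, the hostnames, and the inventory itself are assumptions constructed for illustration.

```python
import re

# Fixed-version thresholds taken from the patch guidance above.
FIXED = {
    "V14.2": (14, 2, 0, 14),
    "V14.3": (14, 3, 0, 12),
    "V2312": (2312, 8),
}

def parse_version(raw):
    """'14.2.0.9' -> (14, 2, 0, 9); 'V2312.0007' -> (2312, 7); None if malformed."""
    text = raw.strip().lstrip("Vv")
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))

def release_line(version):
    """Map a parsed version to one of the release lines named in the advisory."""
    if version[0] == 2312:
        return "V2312"
    if version[:2] in ((14, 2), (14, 3)):
        return "V14.%d" % version[1]
    return None

def triage(raw):
    """Return 'patched', 'vulnerable', 'not-listed' or 'unparseable'."""
    version = parse_version(raw)
    if version is None:
        return "unparseable"
    line = release_line(version)
    if line is None:
        return "not-listed"  # outside the lines this page covers; check the advisory
    fixed = FIXED[line]
    width = max(len(version), len(fixed))
    pad = lambda t: t + (0,) * (width - len(t))  # 14.2.0 compares as 14.2.0.0
    return "patched" if pad(version) >= pad(fixed) else "vulnerable"

# Constructed inventory (hypothetical hostnames and version strings).
INVENTORY = {
    "eng-ws-01": "14.2.0.9",    # numerically below 14.2.0.14, though "9" > "14" as text
    "eng-ws-02": "14.3.0.12",
    "eng-ws-03": "V2312.0007",
    "eng-ws-04": "unknown",
}

def needs_attention(inventory):
    """Hosts not confirmed patched: vulnerable, not-listed, or unparseable."""
    return sorted(h for h, v in inventory.items() if triage(v) != "patched")
```

Versions are compared as integer tuples because a plain string comparison would rank 14.2.0.9 above 14.2.0.14 and report a vulnerable host as patched.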
Evidence notes
Source: CISA CSAF advisory ICSA-24-347-09. Affected products confirmed via CSAF product tree: Teamcenter Visualization V14.2, V14.3, and V2312. Vendor fixes specified with exact version thresholds.
Official resources
- CVE-2024-45473 CVE record (CVE.org)
- CVE-2024-45473 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-12-10