PatchSiren cyber security CVE debrief
CVE-2024-45474 Siemens CVE debrief
CVE-2024-45474 is a memory corruption vulnerability in Siemens Teamcenter Visualization affecting versions V14.2, V14.3, and V2312. The flaw occurs during parsing of specially crafted WRL (VRML) files, which could enable code execution in the context of the current process when chained with other vulnerabilities. Published by CISA on December 10, 2024, and last modified on May 6, 2025, this vulnerability carries a CVSS 3.1 score of 7.8 (HIGH). The attack vector requires local access with user interaction—an attacker must convince a victim to open a malicious WRL file. Siemens has released patched versions: V14.2.0.14, V14.3.0.12, and V2312.0008. CISA and Siemens recommend applying vendor updates promptly and avoiding untrusted WRL files as an interim mitigation.
- Vendor: Siemens
- Product: Tecnomatix Plant Simulation V2302
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-08
- Original CVE updated: 2025-05-06
- Advisory published: 2024-10-08
- Advisory updated: 2025-05-06
Who should care
Organizations using Siemens Teamcenter Visualization for CAD data visualization, particularly in industrial and manufacturing environments. Engineering workstations, product lifecycle management (PLM) systems, and any systems processing external WRL/VRML content are at risk. Security teams in OT/ICS environments should prioritize patching given the potential for code execution in engineering contexts.
Technical summary
The vulnerability exists in the WRL (VRML) file parsing component of Siemens Teamcenter Visualization. Specially crafted WRL files trigger memory corruption, which can be leveraged with additional vulnerabilities to achieve arbitrary code execution. The attack requires local access and user interaction—victims must open a malicious file. The CVSS 3.1 score of 7.8 reflects high impacts to confidentiality, integrity, and availability, though the local attack vector and required user interaction limit exploitability. Siemens has addressed this in maintenance releases across three major version branches.
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor security updates: update Teamcenter Visualization V14.2 to V14.2.0.14 or later, V14.3 to V14.3.0.12 or later, and V2312 to V2312.0008 or later
- Avoid opening untrusted WRL files in affected applications until patches are applied
- Implement application whitelisting and least-privilege execution for visualization software
- Monitor for suspicious WRL file handling in engineering workstations
- Review and apply CISA ICS recommended practices for defense-in-depth strategies
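To support the first action, the following added example (not part of the advisory or of any Siemens tooling) triages an inventory of installed Teamcenter Visualization versions against the fixed releases listed above. The inventory layout, host names and the "not-listed" label are assumptions made for illustration; version strings are assumed to follow the format used on this page.

```python
import re

# Fixed releases per affected branch, as listed in the actions above.
FIXED = {(14, 2): (14, 2, 0, 14), (14, 3): (14, 3, 0, 12), (2312,): (2312, 8)}

def parse_version(text):
    """Turn 'V14.2.0.14' or 'V2312.0008' into a tuple of ints."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def classify(version_text):
    """Return 'vulnerable', 'fixed' or 'not-listed' for one version string."""
    version = parse_version(version_text)
    for branch, fixed in FIXED.items():
        if version[:len(branch)] == branch:
            # Pad short strings so that 'V14.3' compares as 14.3.0.0.
            padded = version + (0,) * (len(fixed) - len(version))
            return "fixed" if padded >= fixed else "vulnerable"
    return "not-listed"  # branch not named on this page

def triage(inventory):
    """Classify 'host,version' lines; bad rows are flagged, not dropped."""
    results = []
    for line in map(str.strip, inventory.splitlines()):
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        try:
            status = classify(version)
        except ValueError:
            status = "unparseable"
        results.append((host.strip(), version.strip(), status))
    return results

# Constructed sample inventory (hypothetical hosts, assumed CSV layout).
SAMPLE_INVENTORY = """\
eng-ws-01,V14.2.0.9
eng-ws-02,V14.3.0.12
eng-ws-03,V14.3
eng-ws-04,V2312.0008
eng-ws-05,V13.3.0.1
eng-ws-06,unknown
"""

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(*row)
```

Rows marked "unparseable" or "not-listed" need manual review rather than being treated as safe.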
Evidence notes
Source: CISA CSAF advisory ICSA-24-347-09; vendor confirmation via Siemens ProductCERT SSA-645131. CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. Affected products confirmed through CSAF product tree: Teamcenter Visualization V14.2, V14.3, V2312.
Official resources
- CVE-2024-45474 CVE record (CVE.org)
- CVE-2024-45474 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-12-10