CVE-2024-45475 Siemens CVE debrief
CVE-2024-45475 is a high-severity memory corruption vulnerability in Siemens Teamcenter Visualization affecting versions V14.2, V14.3, and V2312. The flaw occurs during parsing of specially crafted WRL (VRML) files, which can lead to arbitrary code execution in the context of the current process when combined with other vulnerabilities. Published by CISA on December 10, 2024, and last modified on May 6, 2025, this vulnerability carries a CVSS 3.1 score of 7.8 (HIGH). The attack vector requires local access with user interaction—an attacker must convince a victim to open a malicious WRL file. Siemens has released patched versions for all affected product lines.
- Vendor: Siemens
- Product: Tecnomatix Plant Simulation V2302
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-08
- Original CVE updated: 2025-05-06
- Advisory published: 2024-10-08
- Advisory updated: 2025-05-06
Who should care
Organizations using Siemens Teamcenter Visualization for product lifecycle management and CAD visualization, particularly in manufacturing, aerospace, automotive, and industrial sectors. Security teams responsible for OT/ICS environments where Teamcenter Visualization is deployed. Incident response teams tracking CAD-related attack vectors.
Technical summary
The vulnerability exists in the WRL (VRML) file parsing component of Siemens Teamcenter Visualization. Specially crafted WRL files trigger memory corruption during parsing operations. The vulnerability is exploitable only through a local attack vector (AV:L) with required user interaction (UI:R), meaning an attacker must deliver a malicious file and convince a victim to open it. Successful exploitation yields high impact across confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability is not listed in CISA KEV and shows no evidence of known ransomware campaign use. Siemens released patches for all affected versions on or before the December 10, 2024 publication date.
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor patches: Update Teamcenter Visualization V14.2 to V14.2.0.14 or later, V14.3 to V14.3.0.12 or later, and V2312 to V2312.0008 or later
- Implement application whitelisting to prevent execution of untrusted Teamcenter Visualization instances
- Train users to avoid opening WRL files from untrusted sources
- Deploy endpoint detection and response (EDR) solutions with behavioral monitoring for CAD/visualization applications
- Consider network segmentation for systems running Teamcenter Visualization to limit lateral movement potential
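To turn the patch thresholds in the first action into an inventory check, the following added example (not code from Siemens, CISA, or this page's source) classifies reported Teamcenter Visualization versions against the fixed releases. It assumes versions are reported as dotted numeric strings with an optional leading V; the hostnames and inventory rows are constructed sample data.

```python
import re

# Fixed releases per affected line, taken from the recommended actions above.
FIXED = {
    (14, 2): (14, 2, 0, 14),
    (14, 3): (14, 3, 0, 12),
    (2312,): (2312, 8),
}

def parse_version(text):
    """Turn 'V14.2.0.14' or '2312.0008' into a tuple of ints; None if malformed."""
    m = re.fullmatch(r"\s*[Vv]?(\d+(?:\.\d+)*)\s*", text)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))

def triage(text):
    """Classify one reported version string against the fixed releases."""
    ver = parse_version(text)
    if ver is None:
        return "unparseable"
    for line, fixed in FIXED.items():
        # Tuple prefix match, so 14.20 is never mistaken for the 14.2 line.
        if ver[:len(line)] == line:
            # Pad so '14.2' compares as 14.2.0.0 rather than as a shorter tuple.
            padded = ver + (0,) * (len(fixed) - len(ver))
            return "patched" if padded >= fixed else "vulnerable"
    return "line-not-listed"

# Constructed inventory rows (hostnames and versions are sample data).
INVENTORY = [
    ("eng-ws-01", "V14.2.0.13"),
    ("eng-ws-02", "14.2.0.14"),
    ("eng-ws-03", "V14.3.0.9"),   # numerically below 14.3.0.12
    ("eng-ws-04", "V2312.0008"),
    ("eng-ws-05", "V2312.0007"),
    ("eng-ws-06", "V14.1.0.5"),
    ("eng-ws-07", "unknown"),
]

def report(inventory):
    """Return {host: status} for every inventory row."""
    return {host: triage(ver) for host, ver in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:10} {status}")
```

Versions are compared as integer tuples because a plain string comparison would rank 14.3.0.9 above 14.3.0.12. Rows marked "line-not-listed" or "unparseable" fall outside the three product lines named here and need manual review.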
Evidence notes
Vulnerability details sourced from CISA CSAF advisory ICSA-24-347-09 and Siemens security advisory SSA-645131. Affected products confirmed through CSAF product tree: Teamcenter Visualization V14.2, V14.3, and V2312. CVSS vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H indicates local attack vector requiring user interaction but resulting in complete confidentiality, integrity, and availability compromise.
Official resources
- CVE-2024-45475 CVE record (CVE.org)
- CVE-2024-45475 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-12-10