CVE-2024-47942 Siemens CVE debrief

Who should care

Organizations using Siemens Solid Edge SE2024 for CAD/CAM operations, particularly in industrial and manufacturing environments where the software interfaces with production systems. Security teams responsible for endpoint protection in engineering workstations should prioritize this patch due to the high impact potential of successful exploitation.

Technical summary

The affected Solid Edge SE2024 application loads dynamic-link libraries (DLLs) without adequately verifying their origin or integrity. An attacker with local access and low privileges can place a malicious DLL in a location where the application will load it, resulting in arbitrary code execution within the application's security context. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) reflects this local attack vector requiring user interaction but yielding complete system compromise potential.

Defensive priority

HIGH

Recommended defensive actions

• Apply Siemens Solid Edge V224.0 Update 9 or later to affected systems
• Restrict write permissions to application directories to prevent DLL placement
• Implement application whitelisting to control executable and library loading
• Monitor for unauthorized DLL files in Solid Edge installation directories
• Review and apply CISA ICS recommended practices for defense-in-depth strategies

Evidence notes

CVE published and modified 2024-11-12 per CISA CSAF advisory ICSA-24-319-05. Vendor fix confirmed by Siemens security advisory SSA-351178. CVSS vector AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H indicates local attack vector with high impact potential.

Official resources