PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-54091 Siemens CVE debrief

CVE-2024-54091 is a high-severity memory-corruption issue in Siemens Solid Edge affecting SE2024 and SE2025. According to the CISA CSAF advisory and Siemens security advisory, the flaw is an out-of-bounds write past the end of an allocated buffer while parsing X_T data or a specially crafted X_T file. A successful attack could allow code execution in the context of the current process. Siemens published fixes for SE2024 and SE2025, and CISA lists the advisory as a local, user-interaction-requiring issue with high confidentiality, integrity, and availability impact.

Vendor: Siemens
Product: Solid Edge SE2024
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-04-08
Original CVE updated: 2025-05-06
Advisory published: 2025-04-08
Advisory updated: 2025-05-06

Who should care

Organizations using Siemens Solid Edge SE2024 or SE2025, especially CAD/engineering teams, desktop administrators, and users who routinely import or open X_T files from outside trusted sources.

Technical summary

The advisory describes a parser memory-safety flaw triggered during X_T file handling. The CVSS vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access and user interaction are required, but no privileges are needed. The impact is code execution in the current process if a crafted file is processed. Siemens lists remediation for Solid Edge SE2024 and SE2025 via vendor updates, and CISA also recommends not opening untrusted X_T files or providing untrusted X_T data to affected applications.

Defensive priority

High. The issue is rated 7.8 High and can lead to code execution, but it requires user interaction with a crafted file and is not listed in CISA KEV in the supplied sources.

Recommended defensive actions

  • Update Siemens Solid Edge SE2024 to V224.0 Update 12 or later.
  • Update Siemens Solid Edge SE2025 to V225.0 Update 3 or later.
  • Do not open untrusted X_T files or feed untrusted X_T data into affected applications.
  • Apply CISA recommended ICS defensive practices for file handling, segmentation, and least-privilege workstation use.
  • Prioritize awareness for engineering users who exchange CAD files with external parties.
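The two patch thresholds above can be turned into a fleet triage check. The script below is an added example, not PatchSiren, Siemens or CISA tooling; it assumes an inventory of hostname/version pairs where Solid Edge versions are written like "V224.0 Update 11" (a bare "V224.0" meaning no update applied), which is an assumption about the string format, and the sample inventory is constructed.

```python
import re
from typing import NamedTuple, Optional

# Fixed versions stated in the advisory: SE2024 -> V224.0 Update 12, SE2025 -> V225.0 Update 3.
FIXED_UPDATE = {224: 12, 225: 3}

# Assumed version-string form "V224.0 Update 11"; a bare "V224.0" means no update applied.
_VERSION_RE = re.compile(r"^V(\d+)\.(\d+)(?:\s+Update\s+(\d+))?$")


class Verdict(NamedTuple):
    host: str
    status: str   # "patched", "vulnerable", "out-of-scope" or "unknown"
    detail: str


def parse_version(version: str) -> Optional[tuple]:
    """Return (major, minor, update) or None if the string does not match the assumed form."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    major, minor, update = m.groups()
    return int(major), int(minor), int(update or 0)


def assess(host: str, version: str) -> Verdict:
    """Compare one host's Solid Edge version against the advisory's fixed update level."""
    parsed = parse_version(version)
    if parsed is None:
        return Verdict(host, "unknown", f"unparseable version string {version!r}")
    major, _minor, update = parsed
    if major not in FIXED_UPDATE:
        return Verdict(host, "out-of-scope", f"V{major} is not a V224/V225 line covered by this advisory")
    needed = FIXED_UPDATE[major]
    if update >= needed:
        return Verdict(host, "patched", f"Update {update} >= required Update {needed}")
    return Verdict(host, "vulnerable", f"Update {update} < required Update {needed}; apply Update {needed}")


def assess_inventory(inventory):
    return [assess(host, version) for host, version in inventory]


# Constructed sample inventory for illustration, not real hosts.
SAMPLE_INVENTORY = [
    ("cad-ws-01", "V224.0 Update 11"),
    ("cad-ws-02", "V224.0 Update 12"),
    ("cad-ws-03", "V225.0"),
    ("cad-ws-04", "V225.0 Update 3"),
    ("cad-ws-05", "V223.0 Update 9"),
    ("cad-ws-06", "build 17.3"),
]

if __name__ == "__main__":
    for v in assess_inventory(SAMPLE_INVENTORY):
        print(f"{v.host:10} {v.status:13} {v.detail}")
```

Hosts reported as "unknown" need their version confirmed by hand rather than being assumed patched.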

Evidence notes

This debrief is based on the supplied CISA CSAF source item for ICSA-25-100-03 and the linked Siemens advisory references. The source states the affected products are Solid Edge SE2024 and SE2025, the flaw is an out-of-bounds write during X_T parsing, and the remediation versions are V224.0 Update 12 and V225.0 Update 3 respectively. The advisory was published on 2025-04-08 and later revised on 2025-05-06 for typo fixes only. No KEV entry or active ransomware linkage is provided in the supplied corpus.

Official resources

Published by CISA on 2025-04-08. The supplied source record was revised on 2025-05-06 for typo fixes only; that date is not the issue date.