Simcenter Femap Users Beware of Malicious Catia Files

CVECVE-2024-24920
CVSScvssV3_1: 7.8
SourceCVE-2024-24920

Simcenter Femap, a finite element analysis software developed by Siemens PLM Software, is affected by a buffer overflow vulnerability when opening specially crafted Catia MODEL files. Attackers can potentially exploit this to execute arbitrary code on the user’s system with the privileges of the Femap process.

The vulnerability arises due to insufficient input validation when parsing Catia files. By crafting a file with excessively long data, an attacker can overwrite memory locations beyond the intended buffer. This corrupts the application’s execution flow and allows injecting and running malicious code instead.

If exploited successfully, a remote attacker may then install programs, view, change or delete data, or create new accounts with full user rights on the targeted system. As Femap is commonly used by engineers and designers, their work computers become vulnerable to these risks.

The best way to protect yourself is to verify file sources before opening them in Femap. Also keep your software updated with the latest patches released by Siemens. Consider using a separate, restricted account for tasks involving untrusted files. Following basic security practices like these can prevent attackers from compromising your system through such buffer overflow vulnerabilities.

References