Simcenter Femap Users Beware of Malicious Catia Files

CVECVE-2024-24924
CVSScvssV3_1: 7.8
SourceCVE-2024-24924

Simcenter Femap, a finite element analysis software developed by Siemens PLM Software, is affected by a buffer overflow vulnerability when opening specially crafted Catia MODEL files.

Attackers can potentially exploit this to execute arbitrary code on the user’s system with the privileges of the Femap process. This occurs because the application does not properly sanitize user-supplied input from the Catia files before copying it into an allocated buffer in memory. By creating a malformed file with excessively long input, it is possible for an attacker to overwrite adjacent memory and hijack execution.

As an Femap user, be wary of opening Catia files from untrusted sources as it could enable remote code execution via a simple file opening. To protect yourself, only open files from trusted colleagues or download official models from verified vendor websites. Keep your Femap software up-to-date as patches may have been released to fix this vulnerability already. Following basic security practices like restricting unnecessary programs and applying the latest updates can help prevent exploitation.

Siemens has acknowledged this issue and assigned it the identifier CVE-2024-24924. Users are advised to check for patches from the vendor or consult their product support for more details and remediation instructions. Staying vigilant against potential malware payloads is recommended when using file-based CAD software.

References