CVE-2025-23396
Published: 11 March 2025
Description
An adversary may rely upon a user opening a malicious file in order to gain execution.
Security Summary
CVE-2025-23396 is an out-of-bounds write vulnerability (CWE-787) present in multiple versions of Siemens Teamcenter Visualization and Tecnomatix Plant Simulation. It affects Teamcenter Visualization V14.3 (all versions prior to V14.3.0.13), V2312 (prior to V2312.0009), V2406 (prior to V2406.0007), and V2412 (prior to V2412.0002), as well as Tecnomatix Plant Simulation V2302 (prior to V2302.0021) and V2404 (prior to V2404.0010). The issue arises when the affected applications parse a specially crafted WRL file.
With a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), the vulnerability can be exploited by a local attacker with no privileges required. Exploitation requires user interaction, such as convincing a user to open a malicious WRL file within one of the affected applications. Successful exploitation allows the attacker to execute arbitrary code in the context of the current process.
Siemens Security Advisory SSA-050438, available at https://cert-portal.siemens.com/productcert/html/ssa-050438.html, provides details on the vulnerability and mitigation steps, including patches for the specified affected versions.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is triggered by parsing a malicious WRL file opened by the user, directly enabling arbitrary code execution via user interaction with a crafted file.