CVE-2023-39183
📋 TL;DR
This vulnerability in Solid Edge SE2023 allows attackers to execute arbitrary code by exploiting an out-of-bounds read when parsing malicious PSM files. Users of Solid Edge SE2023 versions before V223.0 Update 7 are affected. The attack occurs when a user opens a specially crafted PSM file.
💻 Affected Systems
- Solid Edge SE2023
📦 What is this software?
Solid Edge by Siemens
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise through remote code execution, potentially leading to data theft, ransomware deployment, or lateral movement within the network.
Likely Case
Local privilege escalation or application crash when a user opens a malicious PSM file, potentially leading to limited code execution in the context of the current user.
If Mitigated
No impact if users don't open untrusted PSM files or if the application is patched.
🎯 Exploit Status
Exploitation requires user interaction to open a malicious PSM file. No public exploit code is currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: V223.0 Update 7
Vendor Advisory: https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf
Restart Required: Yes
Instructions:
1. Download Solid Edge SE2023 V223.0 Update 7 from the Siemens support portal.
2. Close all Solid Edge applications.
3. Run the update installer with administrative privileges.
4. Restart the system after installation completes.
🔧 Temporary Workarounds
Block PSM file extensions
Windows: Prevent Solid Edge from opening PSM files by blocking the file extension at the system or network level.
Using Group Policy: Computer Configuration > Policies > Windows Settings > Security Settings > Software Restriction Policies > Additional Rules > New Path Rule: Path: *.psm, Security Level: Disallowed
Disable PSM file association
Windows: Remove Solid Edge as the default handler for PSM files.
Open Control Panel > Default Programs > Set Associations > Find .psm extension > Change program to Notepad or another safe viewer
🧯 If You Can't Patch
- Implement application whitelisting to prevent execution of unauthorized Solid Edge binaries.
- Use email and web gateways to block PSM file attachments and downloads.
🔍 How to Verify
Check if Vulnerable:
Check Solid Edge version: Open Solid Edge > Help > About Solid Edge. If version is earlier than V223.0 Update 7, the system is vulnerable.
Check Version:
Not applicable from the command line; check the version via the GUI in the Solid Edge application.
Verify Fix Applied:
Verify Solid Edge version is V223.0 Update 7 or later in Help > About Solid Edge.
📡 Detection & Monitoring
Log Indicators:
- Solid Edge crash logs with memory access violations
- Windows Application Event Logs with Faulting Module: SEPSM*.dll
Network Indicators:
- Unusual outbound connections from Solid Edge process after opening PSM files
SIEM Query:
EventID=1000 AND Source='Application Error' AND ProcessName='Edge.exe' AND FaultingModule LIKE '%SEPSM%'
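The same hunt as the SIEM query above, expressed as a PowerShell function against the local Windows Application log (an added example, not part of the Siemens advisory or this page's original content). It assumes, as the SIEM query does, that Solid Edge runs as Edge.exe, and that Event ID 1000 from the "Application Error" provider carries the faulting application name in property 0, the faulting module in property 3 and the exception code in property 6; exception code 0xc0000005 is the access-violation code that matches the "memory access violations" indicator.

```powershell
# Added example: find Solid Edge crashes whose faulting module matches SEPSM*.dll.
# Assumptions (not from the advisory): process name Edge.exe, standard property
# layout of Application Error event 1000 (0 = app, 3 = module, 6 = exception code).
function Get-SolidEdgePsmCrash {
    param(
        [int]$Days = 30,                          # how far back to search
        [string]$ComputerName = $env:COMPUTERNAME # remote hosts via -ComputerName
    )

    $filter = @{
        LogName      = 'Application'
        ProviderName = 'Application Error'
        Id           = 1000
        StartTime    = (Get-Date).AddDays(-$Days)
    }

    # SilentlyContinue: Get-WinEvent raises an error when no events match at all.
    Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            $p = $_.Properties
            if ($p.Count -lt 8) { return }        # skip malformed/foreign 1000 events

            [pscustomobject]@{
                TimeCreated    = $_.TimeCreated
                Computer       = $_.MachineName
                FaultingApp    = [string]$p[0].Value
                FaultingModule = [string]$p[3].Value
                ExceptionCode  = [string]$p[6].Value
                FaultOffset    = [string]$p[7].Value
                # 0xc0000005 = STATUS_ACCESS_VIOLATION, the "memory access violation" indicator
                AccessViolation = ([string]$p[6].Value -eq '0xc0000005')
            }
        } |
        Where-Object {
            $_.FaultingApp -like 'Edge.exe' -and $_.FaultingModule -like 'SEPSM*'
        }
}

# Usage: list matching crashes from the last 90 days, access violations first.
Get-SolidEdgePsmCrash -Days 90 | Sort-Object AccessViolation, TimeCreated -Descending | Format-Table
```

A hit is only a crash in the PSM parser, not proof of exploitation; correlate it with which PSM file the user opened and with the outbound-connection indicator above before escalating.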