CVE-2024-31980 – This vulnerability in Siemens Parasolid allows ... (How to Fix)

Q: How do I fix CVE-2024-31980?

1. Identify Parasolid version in use. 2. Download appropriate patch from Siemens support portal. 3. Apply patch following vendor instructions. 4. Restart affected applications/services.

Q: What is the severity of CVE-2024-31980?

CVE-2024-31980 has a CVSS score of 7.8 (HIGH). This vulnerability in Siemens Parasolid allows remote code execution when processing malicious X_T part files. An out-of-bounds write vulnerability enables attackers to execute arbitrary code within the application's context. Organizations using affected Parasolid versions for CAD/CAM operations are at risk.

📋 TL;DR

This vulnerability in Siemens Parasolid allows remote code execution when processing malicious X_T part files. An out-of-bounds write vulnerability enables attackers to execute arbitrary code within the application's context. Organizations using affected Parasolid versions for CAD/CAM operations are at risk.

💻 Affected Systems

Products:

Siemens Parasolid

Versions: V35.1 (< V35.1.256), V36.0 (< V36.0.210), V36.1 (< V36.1.185)

Operating Systems: Windows, Linux, macOS (where Parasolid runs)

Default Config Vulnerable: ⚠️ Yes

Notes: Any application using affected Parasolid kernels (NX, Solid Edge, other CAD software) is vulnerable when processing X_T files.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise leading to data theft, ransomware deployment, or lateral movement within the network.

🟠

Likely Case

Application crash leading to denial of service or limited code execution within the Parasolid process context.

🟢

If Mitigated

Application crash with no code execution if memory protections (ASLR, DEP) are effective.

🌐 Internet-Facing: MEDIUM - Risk exists if Parasolid processes files from untrusted internet sources, but typically CAD software isn't directly internet-facing.

🏢 Internal Only: HIGH - Internal users could exploit this via malicious files in shared drives, email attachments, or compromised supply chain files.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting a malicious X_T file, but no authentication is needed to trigger the vulnerability when the file is processed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V35.1.256, V36.0.210, V36.1.185 or later

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-489698.html

Restart Required: Yes

Instructions:

1. Identify Parasolid version in use. 2. Download appropriate patch from Siemens support portal. 3. Apply patch following vendor instructions. 4. Restart affected applications/services.

🔧 Temporary Workarounds

Restrict X_T file processing

all

Block or sandbox processing of X_T files from untrusted sources

Application sandboxing

all

Run Parasolid-based applications with reduced privileges or in containers

🧯 If You Can't Patch

Implement strict file validation for X_T files before processing
Use application allowlisting to prevent unauthorized Parasolid execution

🔍 How to Verify

Check if Vulnerable:

Check Parasolid version in application about dialog or via vendor documentation

Check Version:

Application-specific (typically in Help > About or via vendor tools)

Verify Fix Applied:

Verify installed version is equal to or greater than patched versions listed in vendor advisory

📡 Detection & Monitoring

Log Indicators:

Application crashes when processing X_T files
Unexpected memory access errors in application logs

Network Indicators:

Unusual outbound connections from CAD applications
File transfers of X_T files to untrusted sources

SIEM Query:

EventID=1000 OR EventID=1001 with Parasolid process name AND .x_t file extension

📊 Metadata

CVE ID: CVE-2024-31980

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: May 14, 2024

Last Updated: October 3, 2025

🔗 References

https://cert-portal.siemens.com/productcert/html/ssa-489698.html Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-489698.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-31980, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Parasolid by Siemens

Parasolid by Siemens

Parasolid by Siemens

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict X_T file processing

Application sandboxing

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities