CVE-2024-32057 – A type confusion vulnerability in Simcenter Fem... (How to Fix)

Q: What is the severity of CVE-2024-32057?

CVE-2024-32057 has a CVSS score of 7.8 (HIGH). A type confusion vulnerability in Simcenter Femap allows attackers to execute arbitrary code by tricking the application into misinterpreting data types while parsing IGS files. This affects all Simcenter Femap users running versions before V2406, potentially leading to full system compromise if exploited.

📋 TL;DR

A type confusion vulnerability in Simcenter Femap allows attackers to execute arbitrary code by tricking the application into misinterpreting data types while parsing IGS files. This affects all Simcenter Femap users running versions before V2406, potentially leading to full system compromise if exploited.

💻 Affected Systems

Products:

Simcenter Femap

Versions: All versions before V2406

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability is present in default installations when processing IGS files.

📦 What is this software?

Ps\/iges Parasolid Translator by Siemens

View all CVEs affecting Ps\/iges Parasolid Translator →

Simcenter Femap by Siemens

View all CVEs affecting Simcenter Femap →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover with attacker executing arbitrary code in the context of the current process, potentially leading to data theft, system destruction, or lateral movement.

🟠

Likely Case

Local privilege escalation or remote code execution when a user opens a malicious IGS file, leading to compromise of the affected system.

🟢

If Mitigated

Limited impact if proper file validation and user privilege restrictions are in place, potentially preventing successful exploitation.

🌐 Internet-Facing: LOW - This vulnerability requires user interaction (opening a malicious file) and is not directly exploitable over network protocols.

🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or shared malicious files, but exploitation requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction to open a malicious IGS file. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2406

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-064222.html

Restart Required: Yes

Instructions:

1. Download Simcenter Femap V2406 or later from Siemens support portal. 2. Install the update following Siemens installation procedures. 3. Restart the application and any related services.

🔧 Temporary Workarounds

Restrict IGS file processing

windows

Block or restrict processing of IGS files through application settings or group policies

User awareness training

all

Train users to only open IGS files from trusted sources

🧯 If You Can't Patch

Implement application whitelisting to prevent unauthorized code execution
Run Simcenter Femap with minimal user privileges and in isolated environments

🔍 How to Verify

Check if Vulnerable:

Check Simcenter Femap version in Help > About. If version is below V2406, the system is vulnerable.

Check Version:

Check Help > About menu within Simcenter Femap application

Verify Fix Applied:

Verify the version shows V2406 or higher in Help > About after patching.

📡 Detection & Monitoring

Log Indicators:

Unexpected process crashes when opening IGS files
Suspicious child processes spawned from Simcenter Femap

Network Indicators:

Unusual outbound connections from Simcenter Femap process

SIEM Query:

Process creation where parent process contains 'femap' and child process is suspicious or unexpected

📊 Metadata

CVE ID: CVE-2024-32057

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-843

Published: May 14, 2024

Last Updated: August 20, 2025

🔗 References

https://cert-portal.siemens.com/productcert/html/ssa-064222.html Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-976324.html Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-064222.html Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-976324.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32057, you might also want to check these: