Login Sign Up

CVE-2024-32059

7.8 HIGH
Remote Code Execution

📋 TL;DR

This vulnerability in Simcenter Femap allows remote code execution when processing malicious IGS files. An attacker can exploit an out-of-bounds read vulnerability to execute arbitrary code within the current process context. All users running Simcenter Femap versions before V2406 are affected.

💻 Affected Systems

Products:
  • Simcenter Femap
Versions: All versions < V2406
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is triggered when parsing IGS files, which is a core functionality of the software.

📦 What is this software?

Ps\/iges Parasolid Translator by Siemens

View all CVEs affecting Ps\/iges Parasolid Translator →

Simcenter Femap by Siemens

View all CVEs affecting Simcenter Femap →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through remote code execution, potentially leading to data theft, system manipulation, or lateral movement within the network.

🟠

Likely Case

Local privilege escalation or application crash leading to denial of service, with potential for code execution if the attacker can deliver a malicious IGS file.

🟢

If Mitigated

Application crash without code execution if exploit attempts are blocked or fail, resulting in denial of service only.

🌐 Internet-Facing: LOW with brief explanation
🏢 Internal Only: MEDIUM with brief explanation

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious IGS file. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2406

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-064222.html

Restart Required: Yes

Instructions:

1. Download Simcenter Femap V2406 or later from Siemens support portal
2. Run the installer with administrative privileges
3. Follow the installation wizard
4. Restart the system after installation completes

🔧 Temporary Workarounds

Restrict IGS file processing

windows

Block or restrict processing of IGS files through application controls or file type restrictions

User awareness training

all

Train users to only open IGS files from trusted sources

🧯 If You Can't Patch

  • Implement application whitelisting to restrict execution of Simcenter Femap to trusted locations only
  • Use network segmentation to isolate systems running vulnerable versions from critical assets

🔍 How to Verify

Check if Vulnerable:

Check the installed version of Simcenter Femap via Help > About in the application interface

Check Version:

Not applicable - check via application GUI

Verify Fix Applied:

Verify the version shows V2406 or later in Help > About dialog

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs from Simcenter Femap
  • Unexpected process termination events
  • Security logs showing file access to IGS files

Network Indicators:

  • Unusual network connections originating from Simcenter Femap process

SIEM Query:

EventID=1000 OR EventID=1001 AND ProcessName="femap.exe"

📊 Metadata

CVE ID: CVE-2024-32059
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-125
Published: May 14, 2024
Last Updated: August 20, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32059, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)