Login Sign Up

CVE-2024-32061

7.8 HIGH
Remote Code Execution

📋 TL;DR

This vulnerability in Simcenter Femap allows attackers to execute arbitrary code by exploiting an out-of-bounds read when parsing malicious IGS files. Users of Simcenter Femap versions before V2406 are affected, potentially enabling remote code execution in the context of the current process.

💻 Affected Systems

Products:
  • Simcenter Femap
Versions: All versions < V2406
Operating Systems: Windows (primary platform for Femap)
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is present in default installations when processing IGS files.

📦 What is this software?

Ps\/iges Parasolid Translator by Siemens

View all CVEs affecting Ps\/iges Parasolid Translator →

Simcenter Femap by Siemens

View all CVEs affecting Simcenter Femap →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise via remote code execution, allowing attacker to install malware, exfiltrate data, or pivot to other systems.

🟠

Likely Case

Local privilege escalation or application crash leading to denial of service, with potential for limited code execution.

🟢

If Mitigated

Application crash without code execution if exploit fails or is blocked by security controls.

🌐 Internet-Facing: LOW (requires user interaction to open malicious file, not typically internet-exposed)
🏢 Internal Only: MEDIUM (internal users could be tricked into opening malicious files via phishing or shared drives)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious IGS file. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2406

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-064222.html

Restart Required: Yes

Instructions:

1. Download Simcenter Femap V2406 or later from Siemens support portal. 2. Install the update following Siemens installation procedures. 3. Restart the application and any related services.

🔧 Temporary Workarounds

Restrict IGS file processing

windows

Block or restrict processing of IGS files through application settings or group policies

User awareness training

all

Train users not to open IGS files from untrusted sources

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of unauthorized code
  • Use network segmentation to isolate Femap systems from critical assets

🔍 How to Verify

Check if Vulnerable:

Check Femap version via Help > About in the application interface

Check Version:

Not applicable - check via GUI only

Verify Fix Applied:

Verify version is V2406 or later in Help > About dialog

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing IGS files
  • Unexpected process creation from Femap

Network Indicators:

  • Unusual outbound connections from Femap process

SIEM Query:

Process creation events from femap.exe followed by suspicious network activity

📊 Metadata

CVE ID: CVE-2024-32061
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-125
Published: May 14, 2024
Last Updated: August 20, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32061, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)