Login Sign Up

CVE-2024-32063

7.8 HIGH
Remote Code Execution

📋 TL;DR

A type confusion vulnerability in Simcenter Femap allows attackers to execute arbitrary code by tricking the application into misinterpreting data types while parsing malicious IGS files. This affects all Simcenter Femap users running versions before V2406, potentially leading to complete system compromise.

💻 Affected Systems

Products:
  • Simcenter Femap
Versions: All versions < V2406
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when parsing IGS files, which is a standard feature in Femap for CAD data exchange.

📦 What is this software?

Ps\/iges Parasolid Translator by Siemens

View all CVEs affecting Ps\/iges Parasolid Translator →

Simcenter Femap by Siemens

View all CVEs affecting Simcenter Femap →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover with attacker gaining the same privileges as the Femap process, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟠

Likely Case

Local privilege escalation leading to unauthorized access to engineering data, system manipulation, or installation of persistent malware.

🟢

If Mitigated

Limited impact with proper network segmentation and user privilege restrictions, potentially only affecting the local Femap process.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious IGS file. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2406

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-064222.html

Restart Required: Yes

Instructions:

1. Download Simcenter Femap V2406 or later from Siemens support portal
2. Run the installer with administrative privileges
3. Follow installation wizard prompts
4. Restart the system after installation completes

🔧 Temporary Workarounds

Restrict IGS file handling

windows

Block or restrict IGS file processing in Femap through application settings or group policies

File extension filtering

windows

Use Windows Group Policy or endpoint protection to block execution of IGS files

🧯 If You Can't Patch

  • Implement application whitelisting to restrict Femap execution to trusted locations
  • Use network segmentation to isolate Femap systems from critical infrastructure

🔍 How to Verify

Check if Vulnerable:

Check Femap version via Help > About in the application interface

Check Version:

Not applicable - check via GUI only

Verify Fix Applied:

Verify version is V2406 or later in Help > About dialog

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process crashes of femap.exe
  • Unusual file access patterns to IGS files
  • Suspicious child processes spawned from femap.exe

Network Indicators:

  • Outbound connections from femap.exe to unexpected destinations
  • DNS queries for suspicious domains from Femap systems

SIEM Query:

Process Creation where Image ends with 'femap.exe' and CommandLine contains '.igs'

📊 Metadata

CVE ID: CVE-2024-32063
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-843
Published: May 14, 2024
Last Updated: August 20, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-32063, you might also want to check these:

CVE-2025-47151 9.8

A type confusion vulnerability in Entr'ouvert Lasso's SAML parsing allows remote code execution when...

Same vulnerability type (CWE-843)
CVE-2025-65570 9.8

A type confusion vulnerability in jsish 2.0 allows incorrect control flow during execution of the OP...

Same vulnerability type (CWE-843)
CVE-2020-25575 9.8

This vulnerability in the Rust failure crate (versions through 0.1.5) involves a type confusion flaw...

Same vulnerability type (CWE-843)