CVE-2024-34773

7.8 HIGH

📋 TL;DR

A stack overflow vulnerability in Solid Edge allows attackers to execute arbitrary code by tricking users into opening malicious PAR files. This affects all versions before V224.0 Update 2. Users who open untrusted PAR files are at risk.

💻 Affected Systems

Products:
  • Solid Edge
Versions: All versions < V224.0 Update 2
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. Exploitation requires user interaction: the user must open a malicious PAR file.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining the same privileges as the Solid Edge user, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Local privilege escalation or remote code execution when users open malicious PAR files from email attachments or downloads.

🟢 If Mitigated

Limited impact if users only open trusted files and proper application whitelisting is in place.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious file. No public exploit code is available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V224.0 Update 2

Vendor Advisory: https://cert-portal.siemens.com/productcert/html/ssa-589937.html

Restart Required: Yes

Instructions:

1. Download Solid Edge V224.0 Update 2 from Siemens support portal.
2. Close all Solid Edge applications.
3. Run the installer with administrative privileges.
4. Restart the system after installation completes.

🔧 Temporary Workarounds

Block PAR file extensions (Windows)

Prevent Solid Edge from opening PAR files via group policy or application control. Use Windows Group Policy to block .PAR file associations with Solid Edge.

User awareness training (all platforms)

Educate users not to open PAR files from untrusted sources.

🧯 If You Can't Patch

  • Implement application whitelisting to restrict Solid Edge execution to trusted locations only.
  • Use endpoint detection and response (EDR) tools to monitor for suspicious Solid Edge process behavior.

🔍 How to Verify

Check if Vulnerable:

Check the Solid Edge version in Help > About. If the version is below V224.0 Update 2, the system is vulnerable.

Check Version:

In Solid Edge: Help > About or check registry at HKEY_LOCAL_MACHINE\SOFTWARE\Siemens\Solid Edge

Verify Fix Applied:

Verify that the Help > About dialog shows V224.0 Update 2 or higher.

📡 Detection & Monitoring

Log Indicators:

  • Solid Edge crash logs with stack overflow errors
  • Windows Application logs showing Solid Edge abnormal termination

Network Indicators:

  • Unusual outbound connections from Solid Edge process after opening PAR files

SIEM Query:

Process creation where parent process is Solid Edge and command line contains suspicious parameters
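
The SIEM logic above, written out as an added example (not vendor or advisory code) that triages exported process-creation records. The parent image name, the event field names, the child-process list and the command-line fragments are all assumptions to replace with values from your own telemetry.

```python
import ntpath

# Assumption: placeholder image name; substitute the Solid Edge executable
# name seen in your own process telemetry.
PARENT_IMAGES = {"solidedge-placeholder.exe"}
# Assumption: programs a CAD application rarely needs to launch.
UNEXPECTED_CHILDREN = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                       "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe"}
# Assumption: fragments treated here as "suspicious parameters".
SUSPICIOUS_TOKENS = ("-encodedcommand", "-windowstyle hidden", "http://", "https://")


def image_name(path):
    """Lower-cased file name of a Windows path, on any host OS."""
    return ntpath.basename(path).lower()


def triage(events):
    """Return (event, reasons) pairs for Solid Edge children worth reviewing."""
    findings = []
    for ev in events:
        if image_name(ev["parent_image"]) not in PARENT_IMAGES:
            continue  # only children of the configured parent are in scope
        reasons = []
        if image_name(ev["image"]) in UNEXPECTED_CHILDREN:
            reasons.append("unexpected child process")
        cmd = ev["command_line"].lower()
        hits = [tok for tok in SUSPICIOUS_TOKENS if tok in cmd]
        if hits:
            reasons.append("command line contains " + ", ".join(hits))
        if reasons:
            findings.append((ev, reasons))
    return findings


# Constructed process-creation records; field names are assumptions.
P = r"C:\Apps\SolidEdge-Placeholder.exe"
SAMPLE_EVENTS = [
    {"parent_image": P, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -WindowStyle Hidden -EncodedCommand CONSTRUCTED"},
    {"parent_image": P, "image": r"C:\Apps\helper-placeholder.exe",
     "command_line": "helper-placeholder.exe C:\\Work\\bracket.par"},
    {"parent_image": r"C:\Windows\explorer.exe", "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe"},
    {"parent_image": P, "image": r"C:\Users\Public\tool-placeholder.exe",
     "command_line": "tool-placeholder.exe https://example.invalid/a"},
]

if __name__ == "__main__":
    for ev, reasons in triage(SAMPLE_EVENTS):
        print(image_name(ev["image"]), "->", "; ".join(reasons))
```

Correlating a finding with a Solid Edge crash entry recorded shortly before it ties this check to the log indicators listed above.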
