CVE-2023-43625
published 2023-10-10CVE-2023-43625: A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.16%
63.1th percentile
A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | simcenter_amesim | < 2021.1 | 2021.1 |
| siemens | simcenter_amesim | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target the SOAP endpoint exposed by Simcenter Amesim (all versions < V2021.1) for unauthenticated/low-privilege DLL injection attempts via network-accessible SOAP requests. ↗
- →Monitor for DLL injection activity originating from the Simcenter Amesim application process, particularly following inbound SOAP traffic to the host. ↗
- →Alert on network-accessible SOAP endpoint traffic directed at Simcenter Amesim hosts, especially from remote/untrusted sources, as exploitation requires only low privileges and low attack complexity (CVSS AV:N/AC:L/PR:L/UI:R). ↗
- ·No specific SOAP endpoint path, port, DLL name, payload sample, or network signature has been publicly disclosed for this vulnerability. Detection must rely on behavioral and network-layer heuristics around the Simcenter Amesim SOAP service. ↗
- ·No known public exploitation has been reported at time of advisory publication, limiting availability of real-world IOCs. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4pw7-c6vm-5qxc: A vulnerability has been identified in Simcenter Amesim (All versions < V2021
ghsa_unreviewed·2023-10-10
CVE-2023-43625 [CRITICAL] CWE-94 GHSA-4pw7-c6vm-5qxc: A vulnerability has been identified in Simcenter Amesim (All versions < V2021
A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.
CISA ICS
Siemens Simcenter Amesim
cisa_ics·2023-10-12·CVSS 9.8
[CRITICAL] Siemens Simcenter Amesim
ICS Advisory
##
Siemens Simcenter Amesim
Release DateOctober 12, 2023
Alert CodeICSA-23-285-05
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Simcenter Amesim
- Vulnerability: Code Injection
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to perform DLL injection and execute arbitrary code in the context of the affec
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-10-10
Published