Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Dassault Systèmes — Vulnerabilities & Security Advisories 95

Browse all 95 CVE security advisories affecting Dassault Systèmes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Dassault Systèmes provides computer-aided design (CAD), computer-aided manufacturing (CAM), and product lifecycle management (PLM) software, primarily serving engineering and manufacturing sectors. The company’s extensive portfolio, including CATIA and SolidWorks, presents a significant attack surface, evidenced by the 95 recorded Common Vulnerabilities and Exposures (CVEs). Historically, these security flaws frequently involve remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from complex integrations and legacy codebases within its enterprise applications. While no single catastrophic breach has defined the vendor’s public security history, the high volume of CVEs indicates persistent challenges in patching and securing its diverse software ecosystem. Security analysts recommend rigorous network segmentation and immediate application of vendor patches to mitigate risks associated with these known exploits, particularly given the critical nature of the industrial data handled by its platforms.

Top products by Dassault Systèmes: ENOVIA Collaborative Industry Innovator SOLIDWORKS eDrawings 3DSwymer DELMIA Apriso SOLIDWORKS Desktop eDrawings Product Manager DELMIA Factory Resource Manager Project Portfolio Manager City Referential Manager Collaborative Industry Innovator Teamwork Cloud - Business Edition ENOVIA Live Collaboration ENOVIA Product Engineering Specialist ENOVIA Change Manager Documentation server BIOVIA Materials Studio products Service Process Engineer Multidisciplinary Optimization Engineer SIMULIA 3DOrchestrate 3DEXPERIENCE ENOVIA Specification Manager Station Launcher App in 3DEXPERIENCE platform DELMIA Service Process Engineer ENOVIA Product Manager ENOVIAvpm Web Access
CVE IDTitleCVSSSeverityPublished
CVE-2025-10559 Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x — DELMIA Factory Resource ManagerCWE-22 7.1 High2026-03-31
CVE-2025-10553 Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x — DELMIA Factory Resource ManagerCWE-79 8.7 High2026-03-31
CVE-2025-10551 Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x — ENOVIA Collaborative Industry InnovatorCWE-79 8.7 High2026-03-31
CVE-2026-3476 Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 — SOLIDWORKS DesktopCWE-94 7.8 High2026-03-16
CVE-2026-2101 Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm Version 1 Release 16 through ENOVIAvpm Version 1 Release 19 — ENOVIAvpm Web AccessCWE-79 8.7 High2026-02-16
CVE-2026-1335 Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 — SOLIDWORKS eDrawingsCWE-787 7.8 High2026-02-16
CVE-2026-1334 Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 — SOLIDWORKS eDrawingsCWE-125 7.8 High2026-02-16
CVE-2026-1333 Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 — SOLIDWORKS eDrawingsCWE-457 7.8 High2026-02-16
CVE-2026-1284 Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 — SOLIDWORKS eDrawingsCWE-787 7.8 High2026-01-26
CVE-2026-1283 Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 — SOLIDWORKS eDrawingsCWE-122 7.8 High2026-01-26
CVE-2025-12956 Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x — ENOVIA Collaborative Industry InnovatorCWE-79 8.7 High2025-12-08
CVE-2025-10555 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x — DELMIA Service Process EngineerCWE-79 8.7 High2025-11-24
CVE-2025-10554 Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x — ENOVIA Product ManagerCWE-79 8.7 High2025-11-24
CVE-2025-10558 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x — 3DSwymerCWE-79 8.7 High2025-10-13
CVE-2025-10557 Stored Cross-site Scripting (XSS) vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x — ENOVIA Collaborative Industry InnovatorCWE-79 8.7 High2025-10-13
CVE-2025-10556 Stored Cross-site Scripting (XSS) vulnerability affecting Specification Management in ENOVIA Specification Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x — ENOVIA Specification ManagerCWE-79 8.7 High2025-10-13
CVE-2025-10552 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x — 3DSwymerCWE-79 8.7 High2025-10-13
CVE-2025-9976 OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x — Station Launcher App in 3DEXPERIENCE platformCWE-78 9.0 Critical2025-10-13
CVE-2025-9450 Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-457 7.8 High2025-09-17
CVE-2025-9449 Use After Free vulnerability affecting the PAR file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-416 7.8 High2025-09-17
CVE-2025-9447 Out-Of-Bounds Read affecting the PAR file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-125 7.8 High2025-09-17
CVE-2025-6205 Missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 — DELMIA AprisoCWE-862 9.1 Critical2025-08-04
CVE-2025-6204 Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 — DELMIA AprisoCWE-94 8.0 High2025-08-04
CVE-2025-7042 Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-416 7.8 High2025-07-15
CVE-2025-6974 Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-457 7.8 High2025-07-15
CVE-2025-6973 Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-416 7.8 High2025-07-15
CVE-2025-6972 Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-416 7.8 High2025-07-15
CVE-2025-6971 Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-416 7.8 High2025-07-15
CVE-2025-0831 Out-Of-Bounds Read vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 — SOLIDWORKS eDrawingsCWE-125 7.8 High2025-07-15
CVE-2025-4987 Stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x — Project Portfolio ManagerCWE-79 8.7 High2025-06-16

This page lists every published CVE security advisory associated with Dassault Systèmes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.