Dassault Systèmes — Vulnerabilities & Security Advisories (95)

Browse all 95 CVE security advisories affecting Dassault Systèmes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Dassault Systèmes provides computer-aided design (CAD), computer-aided manufacturing (CAM), and product lifecycle management (PLM) software, primarily serving engineering and manufacturing sectors. The company’s extensive portfolio, including CATIA and SolidWorks, presents a significant attack surface, evidenced by the 95 recorded Common Vulnerabilities and Exposures (CVEs). Historically, these security flaws frequently involve remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from complex integrations and legacy codebases within its enterprise applications. While no single catastrophic breach has defined the vendor’s public security history, the high volume of CVEs indicates persistent challenges in patching and securing its diverse software ecosystem. Security analysts recommend rigorous network segmentation and immediate application of vendor patches to mitigate risks associated with these known exploits, particularly given the critical nature of the industrial data handled by its platforms.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-10204 | Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025 | eDrawings | CWE-122 | 7.8 | High | 2024-11-19 |
| CVE-2024-8040 | Authorization Bypass Through User-Controlled Key vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-639 | 7.7 | High | 2024-10-16 |
| CVE-2024-6380 | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | ENOVIA Collaborative Industry Innovator | CWE-79 | 8.7 | High | 2024-10-16 |
| CVE-2024-7737 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-79 | 8.7 | High | 2024-09-19 |
| CVE-2024-7736 | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | ENOVIA Collaborative Industry Innovator | CWE-79 | 8.7 | High | 2024-09-19 |
| CVE-2024-8004 | Stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | ENOVIA Collaborative Industry Innovator | CWE-79 | 8.7 | High | 2024-09-02 |
| CVE-2024-7939 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-79 | 8.7 | High | 2024-09-02 |
| CVE-2024-7938 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-79 | 8.7 | High | 2024-09-02 |
| CVE-2024-7932 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-79 | 8.7 | High | 2024-09-02 |
| CVE-2024-6377 | URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-601 | 8.1 | High | 2024-08-20 |
| CVE-2024-6378 | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | ENOVIA Collaborative Industry Innovator | CWE-79 | 8.7 | High | 2024-08-20 |
| CVE-2024-6379 | Reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-79 | 7.7 | High | 2024-08-20 |
| CVE-2024-3300 | Pre-authentication Unsafe .NET object deserialization vulnerability affecting DELMIA Apriso Release 2019 through Release 2024 | DELMIA Apriso | CWE-502 | 9.0 | Critical | 2024-05-30 |
| CVE-2024-3301 | Post-authentication Unsafe .NET object deserialization vulnerability affecting DELMIA Apriso Release 2019 through Release 2024 | DELMIA Apriso | CWE-502 | 8.5 | High | 2024-05-30 |
| CVE-2023-5597 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x | 3DSwymer | CWE-79 | 5.4 | Medium | 2024-05-17 |
| CVE-2024-3299 | Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the SLDDRW and SLDPRT file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 | eDrawings | CWE-416 | 7.8 | High | 2024-04-04 |
| CVE-2024-3298 | Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the DWG and DXF file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 | eDrawings | CWE-787 | 7.8 | High | 2024-04-04 |
| CVE-2024-1848 | Multiple vulnerabilities exist in file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024 | SOLIDWORKS Desktop | CWE-416 | 7.8 | High | 2024-03-22 |
| CVE-2024-1624 | OS Command Injection vulnerability affecting documentation server on certain Releases of 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight and CATIA Composer | Documentation server | CWE-78 | 9.4 | Critical | 2024-03-01 |
| CVE-2024-1847 | Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 | eDrawings | CWE-416 | 7.8 | High | 2024-02-28 |
| CVE-2024-0935 | Insertion of Sensitive Information into Log File vulnerabilities affecting DELMIA Apriso Release 2019 through Release 2024 | DELMIA Apriso | CWE-532 | 4.4 | Medium | 2024-02-01 |
| CVE-2023-6078 | OS Command Injection vulnerability affecting BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023 | BIOVIA Materials Studio products | CWE-78 | 8.8 | High | 2024-02-01 |
| CVE-2023-5598 | Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x | 3DSwymer | CWE-79 | 5.4 | Medium | 2023-11-21 |
| CVE-2023-5599 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x | 3DSwymer | CWE-79 | 5.4 | Medium | 2023-11-21 |
| CVE-2023-3589 | Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x | Teamwork Cloud - Business Edition | CWE-352 | 6.8 | Medium | 2023-10-09 |
| CVE-2023-3588 | Stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x | Teamwork Cloud - Business Edition | CWE-79 | 5.4 | Medium | 2023-09-13 |
| CVE-2023-1997 | OS Command Injection vulnerability affecting SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x | SIMULIA 3DOrchestrate | CWE-78 | 8.8 | High | 2023-08-28 |
| CVE-2023-2763 | Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023 | SOLIDWORKS Desktop | CWE-416 | 7.8 | High | 2023-07-12 |
| CVE-2023-2762 | Use-After-Free vulnerability in SLDPRT file reading procedure affecting SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023 | SOLIDWORKS Desktop | CWE-416 | 7.8 | High | 2023-07-12 |
| CVE-2023-1996 | Reflected Cross-site Scripting (XSS) vulnerability affecting Release 3DEXPERIENCE R2018x through Release 3DEXPERIENCE R2023x | 3DEXPERIENCE | CWE-79 | 6.1 | Medium | 2023-05-19 |

This page lists every published CVE security advisory associated with Dassault Systèmes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.