Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Dassault Systèmes — Vulnerabilities & Security Advisories 95

Browse all 95 CVE security advisories affecting Dassault Systèmes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Dassault Systèmes provides computer-aided design (CAD), computer-aided manufacturing (CAM), and product lifecycle management (PLM) software, primarily serving engineering and manufacturing sectors. The company’s extensive portfolio, including CATIA and SolidWorks, presents a significant attack surface, evidenced by the 95 recorded Common Vulnerabilities and Exposures (CVEs). Historically, these security flaws frequently involve remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from complex integrations and legacy codebases within its enterprise applications. While no single catastrophic breach has defined the vendor’s public security history, the high volume of CVEs indicates persistent challenges in patching and securing its diverse software ecosystem. Security analysts recommend rigorous network segmentation and immediate application of vendor patches to mitigate risks associated with these known exploits, particularly given the critical nature of the industrial data handled by its platforms.

Found 14 results / 95Clear Filters
Top products by Dassault Systèmes: ENOVIA Collaborative Industry Innovator SOLIDWORKS eDrawings 3DSwymer DELMIA Apriso SOLIDWORKS Desktop eDrawings Product Manager DELMIA Factory Resource Manager Project Portfolio Manager City Referential Manager Collaborative Industry Innovator Teamwork Cloud - Business Edition ENOVIA Live Collaboration ENOVIA Product Engineering Specialist ENOVIA Change Manager Documentation server BIOVIA Materials Studio products Service Process Engineer Multidisciplinary Optimization Engineer SIMULIA 3DOrchestrate 3DEXPERIENCE ENOVIA Specification Manager Station Launcher App in 3DEXPERIENCE platform DELMIA Service Process Engineer ENOVIA Product Manager ENOVIAvpm Web Access
CVE IDTitleCVSSSeverityPublished
CVE-2025-10558 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x — 3DSwymerCWE-79 8.7 High2025-10-13
CVE-2025-10552 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x — 3DSwymerCWE-79 8.7 High2025-10-13
CVE-2025-0827 Stored Cross-site Scripting (XSS) vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 8.7 High2025-03-17
CVE-2025-0595 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 8.7 High2025-03-17
CVE-2024-8040 Authorization Bypass Through User-Controlled Key vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x — 3DSwymerCWE-639 7.7 High2024-10-16
CVE-2024-7737 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 8.7 High2024-09-19
CVE-2024-7939 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 8.7 High2024-09-02
CVE-2024-7938 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 8.7 High2024-09-02
CVE-2024-7932 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 8.7 High2024-09-02
CVE-2024-6377 URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-601 8.1 High2024-08-20
CVE-2024-6379 Reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 7.7 High2024-08-20
CVE-2023-5597 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x — 3DSwymerCWE-79 5.4 Medium2024-05-17
CVE-2023-5598 Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x — 3DSwymerCWE-79 5.4 Medium2023-11-21
CVE-2023-5599 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x — 3DSwymerCWE-79 5.4 Medium2023-11-21

This page lists every published CVE security advisory associated with Dassault Systèmes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.