Use After Free vulnerability exists in the CATPRODUCT file reading...

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file.

Basic Information

ID CVE-2025-6971

Source 3DS

Published Jul 15, 2025 at 15:02

Modified Jul 15, 2025 at 15:30

Affected Product

Vendor Dassault Systèmes

Product SOLIDWORKS eDrawings

Version Release SOLIDWORKS Desktop 2025 SP0

Affected Versions Dassault Systèmes SOLIDWORKS eDrawings Release SOLIDWORKS Desktop 2025 SP0

CWE Classification

CWE-416

References

www.3ds.com /trust-center/security/security-advisories/cve-2025-6971

{
    "lastseen": "",
    "description": "Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file.",
    "published": "2025-07-15T15:02:05.556Z",
    "modified": "2025-07-15T15:30:36.848Z",
    "type": "cve",
    "title": "Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025",
    "source": "3DS",
    "references": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6971",
    "id": "CVE-2025-6971",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "Dassault Syst\u00e8mes SOLIDWORKS eDrawings Release SOLIDWORKS Desktop 2025 SP0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SOLIDWORKS eDrawings",
    "version": "Release SOLIDWORKS Desktop 2025 SP0",
    "vendor": "Dassault Syst\u00e8mes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025_CVE-2025-6971