Description
A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Dassault Systèmes / SOLIDWORKS VisualizeSOLIDWORKS Desktop Release 2024 SP0 – SOLIDWORKS Desktop Release 2024 SP5
- Dassault Systèmes / SOLIDWORKS VisualizeSOLIDWORKS Desktop Release 2025 SP0 – SOLIDWORKS DesktopRelease 2025 SP5
- Dassault Systèmes / SOLIDWORKS VisualizeSOLIDWORKS Desktop Release 2026 SP0 – SOLIDWORKS Desktop Release 2026 SP2.1