Skip to main content

Enovia Collaborative Industry Innovator CVE-2025-10551

| EUVDEUVD-2025-209132 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-03-31 3DS GHSA-438q-mm87-r2p9
8.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.7 HIGH
AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 31, 2026 - 08:45 euvd
EUVD-2025-209132
Analysis Generated
Mar 31, 2026 - 08:45 vuln.today
CVE Published
Mar 31, 2026 - 08:38 nvd
HIGH 8.7

DescriptionCVE.org

A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

AnalysisAI

Stored Cross-Site Scripting (XSS) in Dassault Systèmes ENOVIA Collaborative Industry Innovator's Document Management module enables authenticated attackers to inject malicious scripts that execute in other users' browser sessions across 3DEXPERIENCE releases R2023x through R2025x. With CVSS 8.7 (High severity) and scope change (S:C), successful exploitation allows session hijacking, credential theft, and persistent compromise of users accessing manipulated documents. EPSS data not available; no public exploit identified at time of analysis, though the low attack complexity (AC:L) makes exploitation straightforward once an attacker gains low-privilege access (PR:L).

Technical ContextAI

ENOVIA Collaborative Industry Innovator is Dassault Systèmes' Product Lifecycle Management (PLM) solution for collaborative manufacturing and engineering. The vulnerability (CWE-79: Improper Neutralization of Input During Web Page Generation) exists in the Document Management component, where user-supplied content stored in documents is not properly sanitized before rendering in web interfaces. The stored XSS nature means malicious payloads persist in the backend database and execute whenever authorized users access the compromised documents. The CVSS vector's scope change indicator (S:C) confirms the vulnerability breaks security boundaries, allowing attacks to impact resources beyond the vulnerable component itself-critical in enterprise PLM environments where document collaboration spans multiple departments and privilege levels. The affected CPE (cpe:2.3:a:dassault_systèmes:enovia_collaborative_industry_innovator:*:*:*:*:*:*:*:*) encompasses all versions within the 3DEXPERIENCE platform releases R2023x through R2025x, indicating a multi-year exposure window.

RemediationAI

Organizations should immediately consult the official Dassault Systèmes security advisory at https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10551 for patch availability and specific remediation guidance for their 3DEXPERIENCE platform version. Vendor-specific patching typically involves applying cumulative update packages or hotfixes distributed through the 3DS support portal; exact fix versions should be confirmed through the advisory as Dassault may provide version-specific patches for R2023x, R2024x, and R2025x release streams independently. As interim mitigation while awaiting patches, implement Web Application Firewall (WAF) rules with XSS pattern detection for ENOVIA endpoints, enforce Content Security Policy (CSP) headers to limit script execution to trusted sources, conduct thorough review of existing documents in the Document Management module for suspicious script content, and consider temporarily restricting document upload/edit permissions to highly trusted users only. Given the stored nature of the vulnerability, post-patch validation should include forensic review of document repositories to identify and sanitize any previously injected payloads that may persist after system updates.

Share

CVE-2025-10551 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy