Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description states remote attacker can write arbitrary files on the server with no stated auth or interaction, and arbitrary write typically yields full C/I/A impact via code execution.
Primary rating from Vendor (3DS).
CVSS VectorVendor: 3DS
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server.
AnalysisAI
Arbitrary file write via path traversal in SOLIDWORKS Visualize (bundled with SOLIDWORKS Desktop 2024 through 2026) allows remote attackers to place files at attacker-chosen locations on the server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote, unauthenticated exploitation with high impact across confidentiality, integrity, and availability. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network reachability to a SOLIDWORKS Visualize instance from the SOLIDWORKS Desktop 2024-2026 product line that exposes the vulnerable file-write code path; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication, user interaction, or special configuration is documented as required. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 score of 9.8 with AV:N/AC:L/PR:N/UI:N implies a remote, unauthenticated, low-complexity write primitive against a server-side endpoint, which is unusually severe for what is normally marketed as a desktop rendering tool - this discrepancy between the product's typical deployment model and the 'server' wording in the description is the single biggest open question and should be verified against the vendor advisory before treating the network vector as confirmed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker reachable over the network sends a crafted request containing a manipulated file path (e.g., '..\..\Windows\System32\Tasks\evil.xml' or a path into a web root) to a SOLIDWORKS Visualize file-handling interface, and the server writes attacker-controlled content to that location. The dropped file is then triggered by an existing autorun, scheduled task, or web request, yielding code execution in the context of the Visualize process. … |
| Remediation | Patch availability is not explicitly confirmed in the provided data; treat the 3DS advisory at https://www.3ds.com/trust-center/security/security-advisories/cve-2026-10094 as authoritative for the fixed service pack and apply it to all SOLIDWORKS Desktop 2024, 2025, and 2026 installations that include the Visualize component. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify and inventory all systems running SOLIDWORKS Desktop 2024, 2025, or 2026, with priority on internet-facing deployments. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37560