How to fix EUVD-2025-209132?

Within 24 hours: Inventory all ENOVIA deployments and identify instances running R2023x through R2025x; restrict document upload and modification permissions to high-trust users only. Within 7 days: Implement input validation and output encoding controls at the application layer for document metadata and content fields; enable browser Content Security Policy (CSP) headers to mitigate XSS execution; audit document modification logs for suspicious activity. Within 30 days: Monitor Dassault Systèmes security advisories for patch availability and apply immediately upon release; conduct security awareness training on document handling practices; consider network segmentation to limit lateral movement from compromised sessions.

EUVD-2025-209132

| CVE-2025-10551 HIGH

2026-03-31 3DS

GHSA-438q-mm87-r2p9

8.7

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 31, 2026 - 08:45 vuln.today

EUVD ID Assigned

Mar 31, 2026 - 08:45 euvd

EUVD-2025-209132

CVE Published

Mar 31, 2026 - 08:38 nvd

HIGH 8.7

Description

A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

Analysis

Stored Cross-Site Scripting (XSS) in Dassault Systèmes ENOVIA Collaborative Industry Innovator's Document Management module enables authenticated attackers to inject malicious scripts that execute in other users' browser sessions across 3DEXPERIENCE releases R2023x through R2025x. With CVSS 8.7 (High severity) and scope change (S:C), successful exploitation allows session hijacking, credential theft, and persistent compromise of users accessing manipulated documents. EPSS data not available; no public exploit identified at time of analysis, though the low attack complexity (AC:L) makes exploitation straightforward once an attacker gains low-privilege access (PR:L).

Technical Context

ENOVIA Collaborative Industry Innovator is Dassault Systèmes' Product Lifecycle Management (PLM) solution for collaborative manufacturing and engineering. The vulnerability (CWE-79: Improper Neutralization of Input During Web Page Generation) exists in the Document Management component, where user-supplied content stored in documents is not properly sanitized before rendering in web interfaces. The stored XSS nature means malicious payloads persist in the backend database and execute whenever authorized users access the compromised documents. The CVSS vector's scope change indicator (S:C) confirms the vulnerability breaks security boundaries, allowing attacks to impact resources beyond the vulnerable component itself-critical in enterprise PLM environments where document collaboration spans multiple departments and privilege levels. The affected CPE (cpe:2.3:a:dassault_systèmes:enovia_collaborative_industry_innovator:*:*:*:*:*:*:*:*) encompasses all versions within the 3DEXPERIENCE platform releases R2023x through R2025x, indicating a multi-year exposure window.

Affected Products

The vulnerability affects Dassault Systèmes ENOVIA Collaborative Industry Innovator deployed as part of the 3DEXPERIENCE platform across multiple major releases: R2023x (all maintenance releases), R2024x (all maintenance releases), and R2025x (all maintenance releases up to the point of advisory publication). This corresponds to CPE identifier cpe:2.3:a:dassault_systèmes:enovia_collaborative_industry_innovator:*:*:*:*:*:*:*:*, with the version wildcard indicating broad applicability across the specified release family. Organizations running any 3DEXPERIENCE platform deployment with ENOVIA Collaborative Industry Innovator's Document Management module enabled should consider themselves in scope. The vendor advisory is available at https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10551 for definitive version confirmation and platform-specific impact details.

Remediation

Organizations should immediately consult the official Dassault Systèmes security advisory at https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10551 for patch availability and specific remediation guidance for their 3DEXPERIENCE platform version. Vendor-specific patching typically involves applying cumulative update packages or hotfixes distributed through the 3DS support portal; exact fix versions should be confirmed through the advisory as Dassault may provide version-specific patches for R2023x, R2024x, and R2025x release streams independently. As interim mitigation while awaiting patches, implement Web Application Firewall (WAF) rules with XSS pattern detection for ENOVIA endpoints, enforce Content Security Policy (CSP) headers to limit script execution to trusted sources, conduct thorough review of existing documents in the Document Management module for suspicious script content, and consider temporarily restricting document upload/edit permissions to highly trusted users only. Given the stored nature of the vulnerability, post-patch validation should include forensic review of document repositories to identify and sanitize any previously injected payloads that may persist after system updates.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +44

POC: 0

EUVD-2025-209132 vulnerability details – vuln.today

Back

EUVD-2025-209132

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

EUVD-2025-209132

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code