Skip to main content

Dfmpro For Catia

1 CVEs product

Monthly

CVE-2025-59866 LOW Monitor

Insecure file permissions on the HCL DFMPro (for CATIA), DFXAnalytics, and DFXServer installer executables allow any locally authenticated non-administrative user to overwrite or replace those binaries with malicious code. When a privileged user subsequently runs the tampered installer - during installation, upgrade, or reinstallation - the attacker's binary executes in the elevated context, completing a local privilege escalation. No public exploit code has been identified and the vulnerability is not listed in CISA KEV; however, the vendor-reported CVSS 3.3 score materially understates the potential impact of a successful exploitation scenario.

Privilege Escalation Dfmpro For Catia Dfxanalytics Dfxserver
NVD
CVSS 3.1
3.3
CVSS 3.3
LOW Monitor

Insecure file permissions on the HCL DFMPro (for CATIA), DFXAnalytics, and DFXServer installer executables allow any locally authenticated non-administrative user to overwrite or replace those binaries with malicious code. When a privileged user subsequently runs the tampered installer - during installation, upgrade, or reinstallation - the attacker's binary executes in the elevated context, completing a local privilege escalation. No public exploit code has been identified and the vulnerability is not listed in CISA KEV; however, the vendor-reported CVSS 3.3 score materially understates the potential impact of a successful exploitation scenario.

Privilege Escalation Dfmpro For Catia Dfxanalytics +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy