Solidworks Visualize
Monthly
Arbitrary file write via path traversal in SOLIDWORKS Visualize (bundled with SOLIDWORKS Desktop 2024 through 2026) allows remote attackers to place files at attacker-chosen locations on the server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote, unauthenticated exploitation with high impact across confidentiality, integrity, and availability. At time of analysis, no public exploit identified and the issue is not on the CISA KEV list.
Arbitrary file write via path traversal in SOLIDWORKS Visualize (bundled with SOLIDWORKS Desktop 2024 through 2026) allows remote attackers to place files at attacker-chosen locations on the server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) indicates remote, unauthenticated exploitation with high impact across confidentiality, integrity, and availability. At time of analysis, no public exploit identified and the issue is not on the CISA KEV list.