Author: Ameeba

  • CVE-2025-4992: Stored Cross-Site Scripting Vulnerability in 3DEXPERIENCE Service Process Engineer

    Overview

    The CVE-2025-4992 vulnerability represents a significant security risk in the Service Process Engineer component of the 3DEXPERIENCE platform. Affected versions of the software contain a stored Cross-Site Scripting (XSS) vulnerability which, if exploited, enables an attacker to execute arbitrary script code within a user’s browser session. The impact ranges from unauthorized access to sensitive information to potential system compromise and data leakage. This vulnerability is of high concern to organizations running affected versions of Service Process Engineer because of the damage a successful exploit can cause.

    Vulnerability Summary

    CVE ID: CVE-2025-4992
    Severity: High (8.7/10.0)
    Attack Vector: Network
    Privileges Required: None
    User Interaction: Required
    Impact: Potential system compromise and data leakage

    Affected Products

    Product | Affected Versions

    Service Process Engineer, 3DEXPERIENCE | R2024x to R2025x

    How the Exploit Works

    The CVE-2025-4992 vulnerability stems from improper sanitization of user input within the Service Items Management component of Service Process Engineer. This allows an attacker to inject malicious script code into the system, where it is stored and later executed when a user accesses the affected service items. The script runs in the context of the user’s browser session, potentially leading to unauthorized actions being performed under the user’s session.

    Conceptual Example Code

    The following is a conceptual example of how an attacker might inject malicious script into a vulnerable system:

    POST /service-items-management/update HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    {
      "service_item": {
        "id": "123",
        "name": "<script>malicious_script</script>"
      }
    }

    In this example, the attacker sends a POST request to the service items management update endpoint. The request includes a script tag with the malicious script as the name of the service item. When a user views this service item, the malicious script executes in the user’s browser session, leading to potentially unauthorized actions.
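
    The fix for this class of bug sits on the output side: the stored value has to be encoded for the context in which it is rendered. The code below is an added example, not code from 3DEXPERIENCE or from the original post; `storedItem` is a constructed record mirroring the request above, and the function names and the `window.__item` variable are hypothetical.

```javascript
// Added example. Constructed record: the service item name holds markup
// instead of a plain label, as in the conceptual request above.
const storedItem = { id: "123", name: "<script>malicious_script</script>" };

const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode for HTML text nodes and for quoted attribute values.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Encode data that is embedded as JSON inside an inline <script> block.
// JSON.stringify alone leaves "</script>" intact, which would close the
// script element early, so the HTML-significant characters are escaped too.
function encodeJsonForScript(value) {
  return JSON.stringify(value)
    .replace(/</g, "\\u003c")
    .replace(/>/g, "\\u003e")
    .replace(/&/g, "\\u0026")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
}

// Before: the stored value is concatenated straight into the page.
// This is the stored XSS sink.
function renderItemUnsafe(item) {
  return `<li title="${item.name}">${item.name}</li>`;
}

// After: same template, every stored value encoded for where it lands.
function renderItemSafe(item) {
  const name = encodeHtml(item.name);
  return `<li title="${name}">${name}</li>`;
}

// Passing the record to client-side code without reopening the hole.
function renderBootstrapScript(item) {
  return `<script>window.__item = ${encodeJsonForScript(item)};</script>`;
}

console.log(renderItemUnsafe(storedItem));
console.log(renderItemSafe(storedItem));
console.log(renderBootstrapScript(storedItem));
```

    With encoding applied at render time, the browser displays the stored name as text, whatever was accepted at write time.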

    Mitigation

    Users of affected versions of Service Process Engineer are advised to apply the vendor patch as soon as possible to address this vulnerability. Where immediate patching is not possible, using a Web Application Firewall (WAF) or an Intrusion Detection System (IDS) can help to mitigate the risk to some extent by detecting and blocking attempts to exploit this vulnerability. However, these are only temporary solutions and applying the vendor patch remains the most effective way to completely mitigate the risk.

  • CVE-2025-4991: Stored XSS Vulnerability in 3D Markup Collaborative Industry Innovator

    Overview

    CVE-2025-4991 is a stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in the Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x. XSS vulnerabilities are a class of security flaws that can allow an attacker to inject malicious scripts into webpages viewed by other users, potentially leading to significant data breaches or system compromises.
    This particular vulnerability matters because it can allow an attacker to execute arbitrary script code in a user’s browser session. The Collaborative Industry Innovator is widely used in the manufacturing and design industries, meaning that businesses in these sectors could be at risk of data leakage or system compromise if they are running affected versions of the software.

    Vulnerability Summary

    CVE ID: CVE-2025-4991
    Severity: High (8.7 CVSS)
    Attack Vector: Network
    Privileges Required: None
    User Interaction: Required
    Impact: System compromise or data leakage

    Affected Products

    Product | Affected Versions

    Collaborative Industry Innovator | 3DEXPERIENCE R2022x – R2025x

    How the Exploit Works

    A stored XSS vulnerability like CVE-2025-4991 allows an attacker to inject malicious script into a webpage that then gets stored on the server. Whenever another user visits that webpage, the script is served up along with the rest of the webpage content and is executed in the user’s browser session. This can allow the attacker to steal sensitive information, impersonate the user, or perform actions on the user’s behalf.

    Conceptual Example Code

    Here’s a conceptual example of how the vulnerability may be exploited. This is a sample HTTP POST request that injects a malicious script into a vulnerable endpoint.

    POST /vulnerable/endpoint HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    {
      "markup_data": "<script>malicious_code_here</script>"
    }

    In this example, the `markup_data` field, which is meant to contain benign markup data, is instead used to inject a malicious script. When this data is later served up to another user, the script will be executed in their browser.

    Mitigation

    The primary mitigation for this vulnerability is to apply the vendor’s patch. If this is not immediately feasible, using a Web Application Firewall (WAF) or an Intrusion Detection System (IDS) can offer temporary mitigation by blocking or alerting on attempts to exploit the vulnerability.
    However, these are only temporary solutions and do not address the underlying issue. It is strongly recommended to apply the vendor’s patch as soon as possible to fully mitigate this vulnerability.
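
    As an added example (not the vendor's fix and not any WAF product's rule set), the following shows the kind of check such a filter performs on JSON bodies like the one above. It goes one step beyond the request filter by also sweeping records that are already stored, which a filter deployed later never sees. Rule names, function names and sample data are assumptions constructed for illustration.

```javascript
// Added example. Detection rules for markup in fields that should hold data.
// No "g" flag, so RegExp.test() keeps no state between calls.
const RULES = [
  { id: "script-element", pattern: /<\s*script\b/i },
  { id: "event-handler-attribute", pattern: /<[^>]*\son[a-z]+\s*=/i },
  { id: "javascript-url", pattern: /\bjavascript\s*:/i },
];

// Walk a parsed JSON value and report every string that matches a rule,
// together with the path of the field it was found in.
function findMarkup(value, path = "$", findings = []) {
  if (typeof value === "string") {
    for (const rule of RULES) {
      if (rule.pattern.test(value)) findings.push({ path, rule: rule.id });
    }
  } else if (Array.isArray(value)) {
    value.forEach((item, i) => findMarkup(item, `${path}[${i}]`, findings));
  } else if (value !== null && typeof value === "object") {
    for (const [key, child] of Object.entries(value)) {
      findMarkup(child, `${path}.${key}`, findings);
    }
  }
  return findings;
}

// Request-side check. The body is parsed first so the rules see decoded
// string values rather than raw bytes with JSON escape sequences.
function inspectBody(rawBody) {
  let parsed;
  try {
    parsed = JSON.parse(rawBody);
  } catch {
    return { action: "reject", reason: "unparseable JSON", findings: [] };
  }
  const findings = findMarkup(parsed);
  return { action: findings.length > 0 ? "block" : "allow", findings };
}

// Storage-side sweep: list records that already contain markup.
function auditRecords(records) {
  return records
    .map((record) => ({ id: record.id, findings: findMarkup(record) }))
    .filter((result) => result.findings.length > 0);
}

// Constructed samples: the conceptual request body from this article and a
// benign body whose text happens to contain an angle bracket.
const SAMPLE_BODIES = [
  '{"markup_data": "<script>malicious_code_here</script>"}',
  '{"markup_data": "clearance < 3 mm on bracket A"}',
];

// Constructed stored records (ids are made up).
const STORED_RECORDS = [
  { id: "m-1", markup_data: "<script>malicious_code_here</script>" },
  { id: "m-2", markup_data: "clearance < 3 mm on bracket A" },
  { id: "m-3", markup_data: { label: "Weld seam", notes: ["recheck", "approved"] } },
];

for (const body of SAMPLE_BODIES) {
  console.log(JSON.stringify(inspectBody(body)));
}
console.log(JSON.stringify(auditRecords(STORED_RECORDS)));
```

    A signature list like this only narrows the window until the patch is applied; any record the sweep flags should be reviewed and cleaned, because it will still be served after the filter is in place.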

  • CVE-2025-4990: Stored Cross-Site Scripting Vulnerability in 3DEXPERIENCE Product Manager

    Overview

    In the continually evolving cybersecurity world, vigilance is paramount. The vulnerability under focus in this article is CVE-2025-4990, a stored Cross-Site Scripting (XSS) vulnerability that impacts Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x. This vulnerability is of critical importance due to its capacity to allow an attacker to execute arbitrary script code in a user’s browser session, potentially leading to system compromise or data leakage.

    Vulnerability Summary

    CVE ID: CVE-2025-4990
    Severity: High (8.7 CVSS Score)
    Attack Vector: Web-based (Stored XSS)
    Privileges Required: None
    User Interaction: Required
    Impact: System compromise, potential data leakage

    Affected Products

    Product | Affected Versions

    3DEXPERIENCE Product Manager | R2022x to R2025x

    How the Exploit Works

    The exploit operates by injecting malicious script code into the Change Governance component of the affected Product Manager versions. This injected code is then stored and executed whenever an end user accesses the compromised pages, thereby launching the attacker’s script within the user’s browser session. This script execution can lead to unauthorized system access or data exfiltration, depending on the attacker’s intent.

    Conceptual Example Code

    Here is a conceptual example of how the vulnerability might be exploited. In this case, a malicious HTTP POST request is sent containing the harmful payload:

    POST /change_governance/endpoint HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    { "malicious_payload": "<script>evil_script_here</script>" }

    In this example, “evil_script_here” would be replaced by the attacker’s actual malicious script. When an unsuspecting user accesses the affected page, the stored script is executed within their browser, potentially leading to system compromise or data leakage.

    Mitigation and Prevention

    The recommended mitigation for this vulnerability is to apply the vendor-provided patch. For temporary mitigation, a Web Application Firewall (WAF) or an Intrusion Detection System (IDS) can be used to detect and block attempts to exploit this vulnerability. Regularly updating and patching software, educating users about the risks of suspicious links, and implementing robust security policies can also help prevent such vulnerabilities from being exploited.

  • CVE-2025-4989: Stored Cross-site Scripting (XSS) Vulnerability in 3DEXPERIENCE Product Manager

    Overview

    In this post, we will delve into a severe vulnerability, identified as CVE-2025-4989, which has been discovered in the Requirements component of the Product Manager product, part of the 3DEXPERIENCE suite from Dassault Systèmes. This vulnerability is particularly concerning as it allows an attacker to execute arbitrary script code within a user’s browser session. This vulnerability affects a wide range of industries that rely on 3DEXPERIENCE’s suite of tools for product lifecycle management, thus highlighting the importance of understanding and mitigating this issue.

    Vulnerability Summary

    CVE ID: CVE-2025-4989
    Severity: High (CVSS: 8.7)
    Attack Vector: Network
    Privileges Required: None
    User Interaction: Required
    Impact: Potential system compromise and data leakage

    Affected Products

    Product | Affected Versions

    3DEXPERIENCE Product Manager | Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x

    How the Exploit Works

    The vulnerability is a Stored Cross-Site Scripting (XSS) issue. An attacker can inject malicious script code into the Requirements component of the Product Manager. This code is stored and then served to users when they navigate to certain pages within the application. When the affected pages are loaded, the malicious script is executed within the user’s browser session. This can potentially lead to a full system compromise or data leakage, as the script could be designed to steal sensitive session data or perform actions on behalf of the user.

    Conceptual Example Code

    Here’s a conceptual example that demonstrates how an attacker might exploit this vulnerability:

    POST /3dexperience/productmanager/requirements HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    { "requirement": "<script>evil_function_that_steals_data()</script>" }

    In this example, the malicious script `evil_function_that_steals_data()` is inserted into the `requirement` field. When a user views this requirement, the script is executed, potentially leading to data theft or other unauthorized actions.

    Recommended Mitigations

    The primary recommendation for mitigating this vulnerability is to apply the vendor-supplied patch. Dassault Systèmes has released a patch that addresses this issue and it should be applied as soon as possible to all affected systems.
    In situations where immediate patching is not possible, implementing a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide temporary mitigation. These systems can be configured to detect and block attempts to exploit this vulnerability. However, these are only temporary measures and a patch should still be applied as soon as it is feasible.

  • CVE-2025-4988: Stored Cross-site Scripting Vulnerability in Results Analytics of Multidisciplinary Optimization Engineer

    Overview

    The Common Vulnerabilities and Exposures (CVE) system has recently identified a significant security vulnerability, designated CVE-2025-4988, in the Results Analytics component of Multidisciplinary Optimization Engineer software. This software is part of the 3DEXPERIENCE suite, widely used across multiple industries, making the potential impact of this vulnerability widespread and severe. This vulnerability is a form of Stored Cross-Site Scripting (XSS), which allows an attacker to inject malicious scripts that are stored and executed in the user’s browser session, leading to potential system compromise or data leakage.

    Vulnerability Summary

    CVE ID: CVE-2025-4988
    Severity: High (8.7 CVSS Score)
    Attack Vector: Stored Cross-Site Scripting (XSS)
    Privileges Required: None
    User Interaction: Required
    Impact: System compromise and potential data leakage

    Affected Products

    Product | Affected Versions

    3DEXPERIENCE Multidisciplinary Optimization Engineer | Release R2022x – Release R2024x

    How the Exploit Works

    Stored Cross-Site Scripting (XSS) vulnerabilities occur when an application allows user input to be stored and then displayed without proper sanitization. In the case of CVE-2025-4988, an attacker can inject malicious script code into the Results Analytics component of the Multidisciplinary Optimization Engineer software. This code is then stored and executed in a user’s browser session when they access the affected pages, leading to potential system compromise or data leakage.

    Conceptual Example Code

    Here is a conceptual example of how the vulnerability might be exploited. This is a hypothetical HTTP request where an attacker injects a malicious script into the user input fields:

    POST /vulnerable/endpoint HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    { "user_input": "<script>malicious code here</script>" }

    In this example, the malicious code would be stored and subsequently executed whenever a user accesses the page where this user input is displayed.

    Recommendations for Mitigation

    The primary recommendation for mitigating this vulnerability is to apply the vendor-provided patch as soon as possible, which will fix the vulnerability in the affected versions of the software. If immediate patching is not possible, the use of a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can serve as a temporary measure to block or detect attempts to exploit this vulnerability. Regularly updating and patching software, as well as proper input validation and sanitization, are also important measures for preventing such vulnerabilities.

  • CVE-2025-4986: Stored Cross-Site Scripting Vulnerability in 3DEXPERIENCE Product Manager

    Overview

    The cybersecurity landscape is constantly changing and evolving, with new vulnerabilities being discovered and exploited by malicious actors. One such vulnerability that has recently been identified is CVE-2025-4986, which affects Model Definition in the Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x.
    This vulnerability is of particular concern due to its potential to allow an attacker to execute arbitrary script code in a user’s browser session, which could potentially lead to system compromise or data leakage. In this blog post, we will take a deep dive into the characteristics of this vulnerability, how it works, and how to mitigate its impacts.

    Vulnerability Summary

    CVE ID: CVE-2025-4986
    Severity: High (8.7 CVSS Score)
    Attack Vector: Web-based
    Privileges Required: None
    User Interaction: Required
    Impact: Potential system compromise and data leakage

    Affected Products

    Product | Affected Versions

    3DEXPERIENCE Product Manager | R2022x to R2025x

    How the Exploit Works

    CVE-2025-4986 is a Stored Cross-Site Scripting (XSS) vulnerability. An attacker can exploit this vulnerability by injecting malicious scripts into a web page viewed by other users. When these scripts are stored on the target server and served as part of a web page, the browser executing them does not recognize these scripts as being dangerous, and executes them as if they were part of the web page’s legitimate code.
    This allows the attacker to hijack user sessions, deface web sites, or redirect the user to malicious sites. In this case, the vulnerability is present in the Model Definition component of the 3DEXPERIENCE Product Manager, allowing an attacker to potentially compromise the system or leak data.

    Conceptual Example Code

    Here is a conceptual example of how the vulnerability might be exploited:

    POST /3dexperience/model HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    {
      "model_definition": "<script>malicious_code_here</script>"
    }

    In this example, the attacker sends a POST request to a vulnerable endpoint, embedding a malicious script in the model_definition parameter. When this malicious code is stored and then served to a user, their browser would execute the malicious code.

    Mitigation Guidance

    To mitigate this vulnerability, it is recommended to apply the vendor patch as soon as it is available. In the meantime, using a Web Application Firewall (WAF) or Intrusion Detection System (IDS) may provide temporary mitigation. Regularly updating and patching your systems and implementing a robust cybersecurity strategy can help prevent exploitation of such vulnerabilities. Regular security audits and penetration testing can also help identify and mitigate such vulnerabilities before they can be exploited.

  • CVE-2025-4985: Stored Cross-site Scripting (XSS) Vulnerability in Project Portfolio Manager

    Overview

    A significant cybersecurity threat has been detected in Project Portfolio Manager, a key component of the 3DEXPERIENCE platform. It is identified as CVE-2025-4985 and is a stored Cross-site Scripting (XSS) vulnerability. This vulnerability affects the Risk Management module from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x. Given the widespread use of the 3DEXPERIENCE suite in various industries, this vulnerability could potentially impact hundreds of businesses, leading to system compromise or data leakage. Hence, it is critical to understand and address this vulnerability promptly.

    Vulnerability Summary

    CVE ID: CVE-2025-4985
    Severity: High (8.7 CVSS score)
    Attack Vector: Web-based (XSS)
    Privileges Required: User
    User Interaction: Required
    Impact: System Compromise and Data Leakage

    Affected Products

    Product | Affected Versions

    3DEXPERIENCE Project Portfolio Manager | R2022x – R2025x

    How the Exploit Works

    The XSS vulnerability within the Project Portfolio Manager allows an attacker to inject malicious script, which is then stored on the server. When a user accesses a compromised page, the malicious script is served and executed within the user’s browser session. This execution can lead to unauthorized system access or data leakage. The attacker can use this vulnerability to potentially gain control over the user’s session, hijack user accounts, perform actions on behalf of the user, and even extract sensitive data.

    Conceptual Example Code

    Here’s a conceptual example of how this vulnerability can be exploited. Note that this is a simplified example intended for illustrative purposes:

    POST /vulnerable/endpoint HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    { "input_field": "<script>malicious code here</script>" }

    In this example, the malicious code is inserted into an input field and sent to the server in a POST request. When the server stores this input and subsequently serves it to users, the malicious script is executed in the user’s browser, leading to a successful exploit of the vulnerability.

    Mitigation and Prevention

    The most effective way to mitigate this vulnerability is to apply the vendor patch. In cases where immediate patching is not possible, a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can be used as a temporary mitigation measure. These systems can be configured to detect and block attempts to exploit this vulnerability. Furthermore, it is recommended to follow best practices for XSS prevention, such as input validation, output encoding, and using secure HTTP headers.

  • CVE-2025-4984: Stored Cross-Site Scripting Vulnerability in City Discover Referential Manager

    Overview

    We are addressing a serious security vulnerability, classified as CVE-2025-4984, that affects the City Discover in City Referential Manager on 3DEXPERIENCE R2025x. This vulnerability, a type of stored Cross-Site Scripting (XSS), could potentially allow an attacker to execute arbitrary script code within a user’s browser session. As cybersecurity professionals, it’s crucial for us to understand the severity of this situation due to the high potential for system compromise or data leakage. The risk is especially pertinent for those organizations utilizing the affected software in managing and referencing city data.

    Vulnerability Summary

    CVE ID: CVE-2025-4984
    Severity: High (8.7 CVSS Score)
    Attack Vector: Network
    Privileges Required: Low
    User Interaction: Required
    Impact: Potential system compromise or data leakage

    Affected Products

    Product | Affected Versions

    City Discover in City Referential Manager | 3DEXPERIENCE R2025x

    How the Exploit Works

    This Stored Cross-Site Scripting (XSS) vulnerability works when an attacker manages to inject malicious script into a webpage viewed by other users. The script is ‘stored’ on the target server, hence the term ‘stored XSS’. When the victim navigates to the affected webpage, the malicious script is executed. In the case of CVE-2025-4984, the attacker would specifically target the City Discover in City Referential Manager software. Upon successful execution, the script runs within the user’s browser session, potentially leading to system compromise or data leakage.

    Conceptual Example Code

    Consider the following conceptual example illustrating how the vulnerability might be exploited:

    POST /city-discover/referential-manager HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    { "city_data": "<script> malicious_payload </script>" }

    In this example, the attacker sends a POST request to the City Discover Referential Manager endpoint with JavaScript embedded within the ‘city_data’ payload. When a user subsequently accesses data from this endpoint, the malicious script is executed in the user’s browser session.
    Mitigating this vulnerability should be a priority for any organization using the affected software. Applying the vendor’s patch is the recommended solution, but in the interim, a web application firewall (WAF) or intrusion detection system (IDS) can be used for temporary mitigation.

  • CVE-2025-4983: Stored Cross-site Scripting Vulnerability in City Referential Manager

    Overview

    CVE-2025-4983 is a critical stored Cross-site Scripting (XSS) vulnerability that affects City Referential Manager on 3DEXPERIENCE R2025x. It allows a malicious actor to inject and execute arbitrary script code within the browser session of an unsuspecting user. Given the global usage of City Referential Manager in urban planning and management, this vulnerability presents significant risk, opening the door to potential system compromise and data leaks. The importance of addressing this vulnerability cannot be overstated.

    Vulnerability Summary

    CVE ID: CVE-2025-4983
    Severity: High (8.7 CVSS Score)
    Attack Vector: Network
    Privileges Required: None
    User Interaction: Required
    Impact: Potential system compromise and data leakage

    Affected Products

    Product | Affected Versions

    City Referential Manager | 3DEXPERIENCE R2025x

    How the Exploit Works

    The vulnerability arises from a failure in the application’s input sanitization process, which allows for the injection of unfiltered, malicious script in user-generated data. This malicious code is then stored within the application’s database. When other users view this data, the embedded script is executed within their browser, leading to a stored XSS attack. The attacker can exploit this vulnerability to hijack user sessions, deface web pages, or redirect the user to malicious sites.

    Conceptual Example Code

    Here is a conceptual example of how the vulnerability might be exploited. The specific malicious payload would vary based on the attacker’s intent and the specificities of the application.

    POST /submitData HTTP/1.1
    Host: cityreferential.example.com
    Content-Type: application/json

    {
      "userdata": "<script>malicious_code_here</script>"
    }

    In this example, the malicious payload is being sent to the `submitData` endpoint of the City Referential Manager application. This payload includes a script tag containing malicious JavaScript code, which will be stored by the application and executed when other users view this data.

    Mitigation

    To mitigate the risk posed by this vulnerability, it is recommended that users apply the vendor patch as soon as it becomes available. In the interim, the use of a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide temporary mitigation. Furthermore, all users should be cautious when viewing unfamiliar data and immediately report any suspicious activities.

  • CVE-2025-0602: Stored Cross-Site Scripting Vulnerability in Collaborative Industry Innovator

    Overview

    The Common Vulnerabilities and Exposures (CVE) system has issued a warning regarding a significant security vulnerability, assigned the identifier CVE-2025-0602. This security flaw affects the Collaborative Industry Innovator, a product under the umbrella of 3DEXPERIENCE, from Release R2023x through Release R2025x. The vulnerability in question is a stored Cross-Site Scripting (XSS) flaw, which could potentially enable an attacker to execute arbitrary script code within the browser session of an unsuspecting user. This type of vulnerability is particularly dangerous as it could lead to system compromise or data leakage, highlighting the necessity of addressing it promptly and adequately.

    Vulnerability Summary

    CVE ID: CVE-2025-0602
    Severity: High (8.7 CVSS Score)
    Attack Vector: Network
    Privileges Required: None
    User Interaction: Required
    Impact: System compromise or data leakage

    Affected Products

    Product | Affected Versions

    Collaborative Industry Innovator | 3DEXPERIENCE R2023x – 3DEXPERIENCE R2025x

    How the Exploit Works

    The exploit takes advantage of a stored XSS vulnerability in the Compare feature of Collaborative Industry Innovator. An attacker could inject malicious script code into the application’s stored data. When this data is later retrieved and rendered in a browser, the malicious script is executed. This scenario assumes that the attacker is able to lure a victim, typically through social engineering, to access the crafted data.

    Conceptual Example Code

    Below is a conceptual example of how the vulnerability might be exploited. In this case, a malicious payload is sent via a POST request to a vulnerable endpoint.

    POST /vulnerable/compare HTTP/1.1
    Host: target.example.com
    Content-Type: application/json

    {
      "compare_data": "<script>evil_function();</script>"
    }

    In this example, `evil_function()` represents a malicious script that the attacker wishes to execute in the user’s browser.
    Given the high-severity CVSS score and potential impact, it is recommended that users apply the vendor-supplied patch as soon as possible. In the meantime, a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can be used as a temporary mitigation measure.
