CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-6974: Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025

7.8 CVSS

Description

Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file.

Classification

CVE ID: CVE-2025-6974

CVSS Base Severity: HIGH

CVSS Base Score: 7.8

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem Types

CWE-457 Use of Uninitialized Variable

Affected Products

Vendor: Dassault Systèmes

Product: SOLIDWORKS eDrawings

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-6974
https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6974

Timeline

2025-07-15 16:40:21 UTC
CVE

Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025