CVE-2025-0595

High

Published: 17 March 2025

Published

17 March 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

EPSS Score 0.0034 56.6th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0595 is a high-severity Cross-site Scripting (CWE-79) vulnerability in 3Ds (inferred from references). Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Browser Session Hijacking (T1185); ranked in the top 43.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Threat & Defense at a Glance

What attackers do: exploitation maps to Browser Session Hijacking (T1185) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly addresses the stored XSS flaw in 3DDashboard by requiring timely identification, reporting, and correction of the vulnerability across affected 3DEXPERIENCE releases.

SI-10 Information Input Validation good match

prevent

Prevents attackers with low privileges from injecting malicious scripts into stored data in the 3DDashboard component.

SI-15 Information Output Filtering good match

prevent

Filters tainted output from the 3DDashboard to block execution of arbitrary scripts in users' browser sessions despite user interaction.

MITRE ATT&CK Enterprise TechniquesAI

T1185 Browser Session Hijacking Collection

Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.

attack.mitre.org →

T1567 Exfiltration Over Web Service Exfiltration

Adversaries may use an existing, legitimate external Web service to exfiltrate data rather than their primary command and control channel.

attack.mitre.org →

Why these techniques?

Stored XSS enables arbitrary JavaScript execution in the victim's browser, directly facilitating session hijacking (T1185) and data exfiltration over web services (T1567) as described in the CVE.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Deeper analysisAI

CVE-2025-0595 is a stored Cross-site Scripting (XSS) vulnerability, classified under CWE-79, affecting the 3DDashboard component in 3DSwymer across releases from 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x. Published on 2025-03-17, it enables an attacker to execute arbitrary script code within a user's browser session. The vulnerability carries a CVSS v3.1 base score of 8.7 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N), indicating high severity due to its network accessibility and potential for significant impact.

Exploitation requires an attacker to possess low privileges (PR:L) and occurs over the network (AV:N) with low attack complexity (AC:L), though it demands user interaction (UI:R), such as clicking a malicious link or viewing tainted content. Upon success, the vulnerability changes scope (S:C), granting high impacts on confidentiality (C:H) and integrity (I:H) without affecting availability (A:N). This allows script execution in the victim's browser, potentially leading to session hijacking, data exfiltration, or further compromise within the affected application.

Mitigation guidance and additional details are available in the vendor advisory at https://www.3ds.com/vulnerability/advisories.