Cyber Posture

CVE-2025-0599

High

Published: 17 March 2025

Published
17 March 2025
Modified
22 October 2025
KEV Added
Patch
CVSS Score 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS Score 0.0035 57.6th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0599 is a high-severity Cross-site Scripting (CWE-79) vulnerability in 3Ds 3Dexperience Enovia. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Browser Session Hijacking (T1185); ranked in the top 42.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Threat & Defense at a Glance

What attackers do: exploitation maps to Browser Session Hijacking (T1185) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Timely remediation through vendor patches directly eliminates the stored XSS vulnerability in the ENOVIA Document Management component, preventing script injection and execution.

SI-10 Information Input Validation good match
prevent

Validating inputs to the Document Management functionality prevents low-privileged attackers from injecting malicious scripts into stored documents.

SI-15 Information Output Filtering good match
prevent

Filtering information outputs when rendering tainted documents in users' browsers blocks execution of arbitrary scripts in victim sessions.

MITRE ATT&CK Enterprise TechniquesAI

T1185 Browser Session Hijacking Collection
Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.
attack.mitre.org →
T1056.003 Web Portal Capture Collection
Adversaries may install code on externally facing portals, such as a VPN login page, to capture and transmit credentials of users who attempt to log into the service.
attack.mitre.org →
Why these techniques?

Stored XSS enables arbitrary JavaScript execution in the victim's browser session, directly facilitating session cookie theft for hijacking (T1185) and capturing credentials/input from web portals (T1056.003).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Deeper analysisAI

CVE-2025-0599 is a stored Cross-site Scripting (XSS) vulnerability, mapped to CWE-79, affecting the Document Management component in ENOVIA Collaborative Industry Innovator on the 3DEXPERIENCE R2024x release. Published on 2025-03-17T14:15:20.403, it carries a CVSS v3.1 base score of 8.7 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N). The issue enables an attacker to execute arbitrary script code within a user's browser session.

Exploitation requires an attacker to possess low privileges (PR:L) on the system, allowing them to inject and store a malicious script payload via the Document Management functionality. A victim user must then interact with the tainted document over the network (AV:N) with low complexity (AC:L) and some user interaction (UI:R), triggering script execution in their browser context (S:C). Successful exploitation can result in high confidentiality and integrity impacts (C:H/I:H), such as stealing sensitive data, impersonating the user, or altering the application's behavior, with no direct availability disruption (A:N).

Mitigation guidance is available in the vendor advisory at https://www.3ds.com/vulnerability/advisories.

Details

CWE(s)
CWE-79

Affected Products

3ds
3dexperience enovia
r2024x

CVEs Like This One

CVE-2025-0600Same product: 3Ds 3Dexperience Enovia
CVE-2025-0832Same product: 3Ds 3Dexperience Enovia
CVE-2025-0828Same product: 3Ds 3Dexperience Enovia
CVE-2025-0598Same product: 3Ds 3Dexperience Enovia
CVE-2025-0833Same product: 3Ds 3Dexperience Enovia
CVE-2025-0596Same product: 3Ds 3Dexperience Enovia
CVE-2025-0601Same product: 3Ds 3Dexperience Enovia
CVE-2025-0830Same product: 3Ds 3Dexperience Enovia
CVE-2025-0829Same product: 3Ds 3Dexperience Enovia
CVE-2025-0826Same product: 3Ds 3Dexperience Enovia

References