CVE-2025-0830
Published: 17 March 2025
Summary
CVE-2025-0830 is a high-severity Cross-site Scripting (CWE-79) vulnerability in 3Ds 3Dexperience Enovia. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 42.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Validates user inputs to Meeting Management prior to storage, directly preventing injection of malicious scripts that enable stored XSS.
Filters information output when rendering meeting content, neutralizing stored malicious scripts before execution in victims' browsers.
Mandates timely remediation of the specific XSS flaw via vendor patches, eliminating the vulnerability in affected 3DEXPERIENCE releases.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stored XSS enables exploitation of the network-accessible web application (T1190) with malicious JavaScript payload execution in the victim's browser session (T1059.007), leading to session hijacking or data theft.
NVD Description
A stored Cross-site Scripting (XSS) vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Deeper analysisAI
CVE-2025-0830 is a stored Cross-site Scripting (XSS) vulnerability, classified under CWE-79, in the Meeting Management component of ENOVIA Change Manager. It affects 3DEXPERIENCE releases from R2022x through R2024x. The flaw allows an attacker to inject and store malicious script code that executes in a victim's browser session upon accessing affected meeting content. The vulnerability has a CVSS v3.1 base score of 8.7 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N), indicating high severity due to network accessibility, low attack complexity, and significant impacts on confidentiality and integrity with a changed scope.
An authenticated attacker with low privileges (PR:L) can exploit this by injecting a malicious payload into Meeting Management features. Exploitation requires user interaction (UI:R), such as a victim viewing the compromised meeting content in their browser. Successful execution enables arbitrary script code to run in the context of the victim's session, potentially leading to high confidentiality and integrity impacts, such as session hijacking, data theft, or unauthorized actions on behalf of the victim across scoped resources.
For mitigation details, including patches or workarounds, refer to the vendor advisory at https://www.3ds.com/vulnerability/advisories.
Details
- CWE(s)