Cyber Posture

CVE-2026-3476

High

Published: 16 March 2026

Published
16 March 2026
Modified
16 March 2026
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0003 7.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-3476 is a high-severity Code Injection (CWE-94) vulnerability in 3Ds (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 7.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious File (T1204.002). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

SI-2 requires timely flaw remediation, directly addressing CVE-2026-3476 by mandating application of the vendor patch to eliminate the code injection vulnerability.

SI-10 Information Input Validation good match
prevent

SI-10 enforces information input validation to check file contents, preventing code injection attacks like CVE-2026-3476 during parsing of specially crafted SOLIDWORKS files.

SI-16 Memory Protection good match
prevent

SI-16 implements memory protections such as DEP and ASLR to block execution of arbitrary code injected via malicious files exploiting CVE-2026-3476.

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
attack.mitre.org →
Why these techniques?

The vulnerability is a client-side code injection flaw that directly results in arbitrary code execution upon opening a malicious file, mapping to T1204.002 User Execution: Malicious File.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file.

Deeper analysisAI

CVE-2026-3476 is a code injection vulnerability (CWE-94) affecting SOLIDWORKS Desktop from Release 2025 through Release 2026. Published on 2026-03-16T14:19:48.130, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue enables arbitrary code execution on the user's machine when opening a specially crafted file.

The vulnerability can be exploited by an attacker with local access who tricks a user into opening a malicious file, requiring low attack complexity and user interaction but no privileges. Successful exploitation allows the attacker to achieve high-impact effects, including unauthorized access to sensitive data, modification of system files, and disruption of services on the affected workstation.

Mitigation details and patches are outlined in the official advisory from Dassault Systèmes, available at https://www.3ds.com/trust-center/security/security-advisories/cve-2026-3476. Security practitioners should consult this resource for specific remediation steps.

Details

CWE(s)
CWE-94

Affected Products

3Ds
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2025-25944Shared CWE-94
CVE-2025-61982Shared CWE-94
CVE-2025-24243Shared CWE-94
CVE-2025-61732Shared CWE-94
CVE-2025-41717Shared CWE-94
CVE-2025-65716Shared CWE-94
CVE-2026-28801Shared CWE-94
CVE-2025-65715Shared CWE-94
CVE-2025-21187Shared CWE-94
CVE-2026-25001Shared CWE-94

References