Authorization Bypass in 3DSwym Affects 3DEXPERIENCE R2024x
CVE-2024-8040

Currently unrated

Key Information:

Vendor: Dassault Systèmes
Vendor: CVE Published:; 16 October 2024

🔔 Create Dassault Systèmes Vulnerability Alert

What is CVE-2024-8040?

A vulnerability exists in 3DSwym within the 3DEXPERIENCE R2024x software due to an authorization bypass that is exploitable through user-controlled keys. This issue permits an authenticated attacker to gain access to unauthorized data, potentially compromising sensitive information. Organizations utilizing this platform should take immediate action to mitigate risks associated with this vulnerability.

References

https://www.3ds.com/vulnerability/advisories

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2024