CVE-2025-10559

HIGH

DELMIA Factory Resource Manager R2023x to R2025x - Path Traversal File Read and Write

Title source: manual

Description

A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in specific directories on the server.

References (1)

Core 1

Core References

https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10559

Scores

CVSS v3 7.1

EPSS 0.0027

EPSS Percentile 18.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (4)

3ds/3dexperience r2023x - r2025x

Dassault Systèmes/DELMIA Factory Resource Manager Release 3DEXPERIENCE R2023x Golden - Release 3DEXPERIENCE R2023x.FP.CFA.2541

Dassault Systèmes/DELMIA Factory Resource Manager Release 3DEXPERIENCE R2024x Golden - Release 3DEXPERIENCE R2024x.FP.CFA.2537

Dassault Systèmes/DELMIA Factory Resource Manager Release 3DEXPERIENCE R2025x Golden - Release 3DEXPERIENCE R2025x.FP.CFA.2514

Published Mar 31, 2026

Tracked Since Mar 31, 2026