CVE-2025-10556 is a stored Cross-site Scripting (XSS) vulnerability identified in Dassault Systèmes ENOVIA Specification Manager, a component of the 3DEXPERIENCE platform used for specification management in product lifecycle management (PLM). The vulnerability exists in releases from R2023x through R2025x Golden versions. It arises due to improper neutralization of input during web page generation (CWE-79), allowing an attacker to inject malicious JavaScript code that is stored persistently within the application. When other users access the affected pages, the malicious script executes within their browser context, enabling attackers to hijack user sessions, steal sensitive information, or perform unauthorized actions on behalf of the victim. The CVSS v3.1 base score is 8.7, indicating high severity, with the vector AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N. This means the attack can be launched remotely over the network with low attack complexity, requires low privileges but does require user interaction, and impacts confidentiality and integrity with a scope change. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk due to the critical nature of the data managed by ENOVIA Specification Manager in engineering and manufacturing workflows. The vulnerability affects authenticated users with limited privileges, which increases the risk of insider threats or compromised accounts being leveraged. The lack of available patches at the time of publication necessitates immediate interim mitigations. The vulnerability's stored nature means that once malicious input is injected, it can affect multiple users over time, amplifying the potential impact. This vulnerability highlights the importance of secure coding practices, especially input validation and output encoding in web applications managing sensitive enterprise data.

For European organizations, particularly those in aerospace, automotive, industrial manufacturing, and engineering sectors that rely on Dassault Systèmes ENOVIA Specification Manager, this vulnerability can lead to severe consequences. Attackers exploiting this XSS flaw can hijack user sessions, leading to unauthorized access to sensitive product specifications, intellectual property, and confidential project data. This compromises confidentiality and integrity of critical business information. The stored nature of the XSS means multiple users can be affected, potentially causing widespread data leakage or manipulation. The vulnerability could also facilitate further attacks such as privilege escalation or lateral movement within corporate networks. Given the reliance on ENOVIA for product lifecycle management, disruption or compromise could delay product development cycles, cause financial losses, and damage reputations. The requirement for user interaction and authentication somewhat limits the attack surface but does not eliminate risk, especially in environments with many users or where phishing/social engineering could be used to induce interaction. The lack of known exploits in the wild provides a window for proactive defense, but organizations must act swiftly to prevent exploitation. Regulatory compliance risks may also arise if sensitive data is exposed, impacting GDPR obligations.

1. Monitor Dassault Systèmes advisories closely and apply official patches or updates as soon as they become available for the affected 3DEXPERIENCE R2023x through R2025x releases. 2. Implement strict input validation and output encoding on all user-supplied data within ENOVIA Specification Manager, focusing on areas handling specification inputs to prevent script injection. 3. Restrict user privileges to the minimum necessary, especially limiting write or specification editing rights to trusted users to reduce the risk of malicious input. 4. Employ Content Security Policy (CSP) headers to restrict execution of unauthorized scripts in browsers accessing ENOVIA. 5. Conduct user awareness training to reduce the risk of social engineering attacks that could trigger the required user interaction for exploitation. 6. Use web application firewalls (WAF) with rules tuned to detect and block common XSS payloads targeting ENOVIA endpoints. 7. Regularly audit and review stored specification data for suspicious or unexpected script content. 8. Consider network segmentation and access controls to limit exposure of ENOVIA servers to only trusted internal users. 9. Enable multi-factor authentication (MFA) to reduce risk from compromised credentials. 10. Prepare incident response plans to quickly contain and remediate any detected exploitation attempts.