CVE-2025-6971 is a high-severity Use After Free (UAF) vulnerability identified in Dassault Systèmes' SOLIDWORKS eDrawings, specifically affecting the CATPRODUCT file reading procedure in the SOLIDWORKS Desktop 2025 SP0 release. Use After Free vulnerabilities occur when a program continues to use memory after it has been freed, leading to undefined behavior, including potential arbitrary code execution. In this case, the vulnerability arises when opening a specially crafted CATPRODUCT file, a file format used by SOLIDWORKS to represent assemblies or product structures. An attacker who can convince a user to open such a maliciously crafted file can exploit this vulnerability to execute arbitrary code with the privileges of the user running the application. The CVSS 3.1 base score of 7.8 reflects a high severity, with the vector indicating local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but requiring user interaction (UI:R). The impact on confidentiality, integrity, and availability is rated high, meaning successful exploitation could lead to full system compromise, data theft, or disruption of operations. Although no known exploits are currently reported in the wild, the vulnerability's nature and severity make it a significant risk, especially in environments where SOLIDWORKS eDrawings is used to review or share CAD files. The lack of available patches at the time of publication increases the urgency for mitigation and monitoring. Given that SOLIDWORKS eDrawings is widely used in engineering, manufacturing, and design sectors, this vulnerability could be leveraged to target intellectual property or disrupt critical design workflows.

For European organizations, the impact of CVE-2025-6971 could be substantial, particularly in industries reliant on CAD software such as automotive, aerospace, industrial manufacturing, and engineering services. Exploitation could lead to unauthorized access to sensitive design data, intellectual property theft, or insertion of malicious modifications into design files, potentially compromising product integrity and safety. The ability to execute arbitrary code locally could also facilitate lateral movement within corporate networks, leading to broader compromise. Given the high confidentiality and integrity impact, organizations could face operational disruptions, financial losses, and reputational damage. Additionally, regulatory compliance risks may arise if sensitive data is exposed or manipulated. The requirement for user interaction means that social engineering or phishing campaigns targeting employees who handle CAD files could be an effective attack vector. The local attack vector suggests that attackers need some form of access to the endpoint, but this is often achievable through email attachments or shared network drives. The absence of known exploits currently provides a window for proactive defense, but the high severity score demands immediate attention.

To mitigate the risk posed by CVE-2025-6971, European organizations should implement several specific measures beyond generic patching advice: 1) Restrict the use of SOLIDWORKS eDrawings to trusted users and environments, limiting exposure to untrusted CATPRODUCT files. 2) Implement strict email and file attachment filtering to detect and block suspicious or unexpected CATPRODUCT files, especially from external sources. 3) Employ endpoint protection solutions capable of detecting anomalous behavior related to memory corruption exploits, including heuristic and behavior-based detection. 4) Educate users, particularly engineers and designers, about the risks of opening files from unverified sources and encourage verification of file origins before opening. 5) Use application whitelisting and sandboxing techniques to isolate SOLIDWORKS eDrawings processes, reducing the impact of potential exploitation. 6) Monitor network and endpoint logs for unusual activity indicative of exploitation attempts, such as unexpected process launches or memory access violations. 7) Coordinate with Dassault Systèmes for timely patch deployment once available, and consider temporary workarounds such as disabling automatic opening of CATPRODUCT files or using alternative viewing tools where feasible. 8) Review and enhance internal file sharing policies to minimize the circulation of potentially malicious files within the organization.