
CVE-2025-6973: CWE-416 Use After Free in Dassault Systèmes SOLIDWORKS eDrawings

Severity: High
Published: Tue Jul 15 2025 (07/15/2025, 15:03:51 UTC)
Source: CVE Database V5
Vendor/Project: Dassault Systèmes
Product: SOLIDWORKS eDrawings

Description

Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file.

AI-Powered Analysis

Last updated: 07/15/2025, 15:31:44 UTC

Technical Analysis

CVE-2025-6973 is a high-severity Use After Free (CWE-416) vulnerability in Dassault Systèmes SOLIDWORKS eDrawings, affecting the JT file reading procedure in Release SOLIDWORKS Desktop 2025 SP0. The vulnerability arises when the software improperly manages memory while parsing JT files, a common 3D data format used in CAD environments. An attacker can craft a malicious JT file that, when opened with the vulnerable eDrawings application, triggers the use-after-free condition. This memory corruption can lead to arbitrary code execution in the context of the user running the software.

The CVSS 3.1 base score of 7.8 reflects high severity. The vector indicates a local attack vector (AV:L), low attack complexity (AC:L), and no privileges required (PR:N), but user interaction is required (UI:R). The impact is critical across confidentiality, integrity, and availability, as successful exploitation can lead to full system compromise or unauthorized data access. No known exploits are currently reported in the wild, and no patches have been published yet. Given the nature of the vulnerability, it is likely to be targeted by attackers once exploit code becomes available, especially in environments where SOLIDWORKS eDrawings is used extensively for viewing and sharing CAD data.

Potential Impact

For European organizations, the impact of this vulnerability is significant, particularly in industries reliant on CAD software such as automotive, aerospace, manufacturing, and engineering sectors. Compromise of SOLIDWORKS eDrawings could lead to intellectual property theft, sabotage of design files, or lateral movement within corporate networks. Confidentiality breaches could expose sensitive design data, while integrity violations might result in corrupted or manipulated CAD models, potentially causing costly production errors. Availability impacts could disrupt engineering workflows and delay project timelines. Given that SOLIDWORKS eDrawings is often used by engineers and designers who may not have elevated privileges, exploitation could serve as an initial foothold for attackers. The requirement for user interaction (opening a malicious JT file) means phishing or social engineering could be vectors for attack. The lack of patches increases the risk window for European organizations until mitigations are applied.

Mitigation Recommendations

European organizations should implement a multi-layered mitigation approach:

1) Restrict the use of SOLIDWORKS eDrawings to trusted users and environments, limiting exposure to untrusted JT files.
2) Educate users about the risks of opening JT files from unknown or unverified sources to reduce the likelihood of successful social engineering.
3) Employ application whitelisting and sandboxing techniques to contain potential exploitation attempts.
4) Monitor network and endpoint activity for unusual behavior indicative of exploitation attempts, such as unexpected process launches or memory anomalies.
5) Coordinate with Dassault Systèmes for timely patch deployment once available and prioritize patching in critical CAD workstations.
6) Implement network segmentation to isolate engineering workstations from sensitive production or business-critical systems to limit lateral movement.
7) Use endpoint detection and response (EDR) tools capable of detecting exploitation patterns related to use-after-free vulnerabilities.
8) Maintain regular backups of design data to ensure recovery in case of compromise.

Technical Details

Data Version: 5.1
Assigner Short Name: 3DS
Date Reserved: 2025-07-01T13:14:20.463Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 687670b9a83201eaaccf4d51

Added to database: 7/15/2025, 3:16:09 PM

Last enriched: 7/15/2025, 3:31:44 PM

Last updated: 7/15/2025, 8:32:34 PM
