CVE-2026-1284 is an out-of-bounds write vulnerability classified under CWE-787, found in the EPRT file reading component of Dassault Systèmes SOLIDWORKS eDrawings software, specifically affecting Release SOLIDWORKS Desktop 2025 SP0 through 2026 SP0. The vulnerability arises when the software improperly handles memory boundaries during the parsing of EPRT files, which are used to represent 3D part data. An attacker can craft a malicious EPRT file that, when opened by a user in the vulnerable eDrawings application, triggers a memory corruption condition allowing arbitrary code execution. The CVSS v3.1 score is 7.8, indicating high severity, with attack vector classified as local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but requiring user interaction (UI:R). The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). This means an attacker can fully compromise the affected system under the context of the user running the application. No patches or exploits are currently publicly available, but the vulnerability poses a significant risk due to the widespread use of SOLIDWORKS in engineering and manufacturing environments. The vulnerability's exploitation could lead to data theft, system manipulation, or denial of service. The lack of authentication requirement and the common practice of sharing CAD files increase the risk of targeted attacks or supply chain compromises.

The potential impact of CVE-2026-1284 is substantial for organizations relying on SOLIDWORKS eDrawings for design visualization and collaboration. Successful exploitation could lead to arbitrary code execution, allowing attackers to gain control over affected systems with the privileges of the user opening the malicious file. This can result in theft of intellectual property, insertion of malicious code into design files, disruption of engineering workflows, and potential lateral movement within corporate networks. Given the critical role of CAD software in product development, manufacturing, and engineering, such compromises could delay projects, cause financial losses, and damage reputations. The vulnerability also poses risks to supply chain security, as malicious files could be distributed through trusted partners or third-party vendors. The requirement for user interaction limits remote exploitation but does not eliminate risk, especially in environments where users frequently exchange design files. The absence of known exploits in the wild provides a window for proactive defense, but the high severity score underscores the urgency for mitigation.

To mitigate CVE-2026-1284 effectively, organizations should implement a multi-layered approach beyond generic patching advice: 1) Monitor Dassault Systèmes communications closely for official patches and apply them immediately upon release. 2) Restrict the sources of EPRT files by enforcing strict file origin policies and validating files before opening. 3) Employ sandboxing or isolated virtual environments for opening untrusted or externally sourced EPRT files to contain potential exploitation. 4) Educate users about the risks of opening unsolicited or unexpected CAD files and enforce policies requiring verification of file provenance. 5) Use endpoint detection and response (EDR) tools to monitor for anomalous behavior related to eDrawings processes, such as unexpected memory access or code execution patterns. 6) Implement network segmentation to limit the spread of compromise if an endpoint is affected. 7) Regularly back up critical design data and maintain incident response plans tailored to CAD software compromise scenarios. 8) Consider disabling or limiting eDrawings functionality where feasible until patches are applied. These targeted steps help reduce attack surface and improve detection and response capabilities.