CVE-2026-1284 is an out-of-bounds write vulnerability classified under CWE-787, discovered in the EPRT file reading procedure of Dassault Systèmes SOLIDWORKS eDrawings versions 2025 SP0 and 2026 SP0. This vulnerability arises when the software improperly handles specially crafted EPRT files, leading to memory corruption through writing outside the intended buffer boundaries. Such memory corruption can be leveraged by an attacker to execute arbitrary code within the context of the user opening the file. The attack vector requires local access (AV:L) and user interaction (UI:R), but no privileges (PR:N) are necessary, making it a significant risk if malicious files are received via email, shared drives, or other file transfer methods. The vulnerability impacts confidentiality, integrity, and availability (all rated high), as arbitrary code execution could lead to data theft, system compromise, or denial of service. Although no public exploits are known at this time, the vulnerability's presence in widely used CAD software used extensively in engineering and manufacturing sectors makes it a critical concern. The lack of available patches at the time of disclosure necessitates immediate risk mitigation through operational controls and monitoring.

For European organizations, especially those in the manufacturing, automotive, aerospace, and engineering sectors that rely heavily on SOLIDWORKS eDrawings for design visualization and collaboration, this vulnerability poses a significant risk. Successful exploitation could allow attackers to execute arbitrary code, potentially leading to intellectual property theft, disruption of design workflows, and compromise of sensitive engineering data. This could result in financial losses, reputational damage, and operational downtime. Given the collaborative nature of design files, a compromised system could serve as a pivot point for broader network infiltration. The requirement for user interaction means phishing or social engineering could be used to deliver malicious EPRT files, increasing the attack surface. The high confidentiality and integrity impact is particularly concerning for organizations handling proprietary designs or regulated products. Additionally, disruption to availability could delay critical production timelines, affecting supply chains and market competitiveness.

1. Monitor Dassault Systèmes communications closely and apply official patches immediately once released for SOLIDWORKS eDrawings 2025 SP0 and 2026 SP0. 2. Until patches are available, restrict the opening of EPRT files from untrusted or unknown sources through policy enforcement and user training. 3. Implement application whitelisting to limit execution of unauthorized files and sandbox SOLIDWORKS eDrawings where feasible to contain potential exploits. 4. Employ advanced endpoint detection and response (EDR) solutions to monitor for anomalous behavior indicative of exploitation attempts. 5. Educate users on phishing and social engineering risks associated with opening unsolicited design files. 6. Use network segmentation to isolate systems running SOLIDWORKS eDrawings from critical infrastructure and sensitive data repositories. 7. Regularly back up design files and system configurations to enable recovery in case of compromise. 8. Conduct vulnerability scanning and penetration testing focused on CAD environments to identify and remediate related risks proactively.