CVE-2025-7042
Description
Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted IPT file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Use-after-free in SOLIDWORKS eDrawings IPT file parsing allows arbitrary code execution via crafted IPT files.
Vulnerability
Overview
A use-after-free vulnerability exists in the IPT file reading procedure of SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 [1]. The root cause is improper memory management during the parsing of IPT files, where memory is freed but later accessed, leading to a use-after-free condition [1].
Exploitation
An attacker can exploit this vulnerability by convincing a user to open a specially crafted IPT file [1]. No authentication is required, and the attack vector is local, relying on user interaction to open the malicious file [1].
Impact
Successful exploitation could allow an attacker to execute arbitrary code in the context of the SOLIDWORKS eDrawings application [1]. This could lead to system compromise, including data theft, installation of malware, or full control of the affected system [1].
Mitigation
Dassault Systèmes has released a security advisory for this vulnerability [1]. Users are advised to apply the necessary updates or patches as recommended by the vendor to mitigate the risk [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: = 2025
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.