CVE-2025-9449
Description
A Use After Free vulnerability affecting the PAR file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025 could allow an attacker to execute arbitrary code while opening a specially crafted PAR file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Use-after-free in SOLIDWORKS eDrawings PAR file parsing allows arbitrary code execution when opening a crafted file.
A use-after-free vulnerability exists in the PAR file reading procedure of SOLIDWORKS eDrawings on SOLIDWORKS Desktop 2025. The flaw occurs when the program improperly manages memory after freeing an object, leading to potential exploitation [1].
To exploit this vulnerability, an attacker must craft a malicious PAR file and convince a user to open it in eDrawings. No special privileges or network access are required beyond user interaction [1].
Successful exploitation could allow an attacker to execute arbitrary code in the context of the current user. This could lead to data theft, system compromise, or further malware installation [1].
The vendor, Dassault Systèmes, has acknowledged the issue and recommends users apply the latest security updates. No workaround other than upgrading is available [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.