CVE-2025-4992
📋 TL;DR
A stored Cross-site Scripting (XSS) vulnerability in Service Items Management within Service Process Engineer allows attackers to inject malicious scripts that execute in users' browsers. This affects 3DEXPERIENCE releases from R2024x through R2025x, potentially compromising users who access the affected service items.
💻 Affected Systems
- 3DEXPERIENCE Service Process Engineer
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware on user systems.
Likely Case
Session hijacking leading to unauthorized access, data theft, or manipulation of service items within the application.
If Mitigated
Limited impact with proper input validation and output encoding, though some functionality disruption may occur.
🎯 Exploit Status
Requires authenticated access to create/modify service items; stored XSS means payload persists and affects all users viewing the compromised item.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patched releases
Vendor Advisory: https://www.3ds.com/vulnerability/advisories
Restart Required: Yes
Instructions:
1. Review Dassault Systèmes advisory
2. Apply recommended patches/updates
3. Restart affected services
4. Verify fix implementation
🔧 Temporary Workarounds
Input Validation Enhancement
Implement strict input validation and output encoding for service item fields
Application-specific configuration - no universal commands
Content Security Policy
Implement CSP headers to restrict script execution sources
Add CSP headers via web server configuration or application settings
🧯 If You Can't Patch
- Restrict user permissions for service item creation/modification
- Implement web application firewall with XSS protection rules
🔍 How to Verify
Check if Vulnerable:
Test if script tags in service item fields execute when viewed by other users
Check Version:
Check 3DEXPERIENCE version via administration console or system information
Verify Fix Applied:
Attempt XSS payload injection in service items and verify scripts do not execute
📡 Detection & Monitoring
Log Indicators:
- Unusual service item modifications
- Script-like content in service item fields
- Multiple failed XSS attempts
Network Indicators:
- Unexpected external script loads from service item pages
- Suspicious POST requests to service item endpoints
SIEM Query:
source="3dexperience-logs" AND (message="*<script>*" OR message="*javascript:*")
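The SIEM query above matches only the literal strings `<script>` and `javascript:`. The following Python check is an added example, not part of the original page or any Dassault Systèmes tooling: it URL-decodes and HTML-unescapes each log message before matching the same two indicators, and counts flagged events per user to surface the "multiple failed XSS attempts" indicator. The log line format, field names and sample lines are assumptions constructed for illustration.

```python
import html
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample log lines; the format and field names are assumptions,
# not the real 3DEXPERIENCE log format.
SAMPLE_LOGS = [
    'ts=2025-06-01T10:00:01Z user=alice action=update_service_item value="Replace hydraulic filter"',
    'ts=2025-06-01T10:02:17Z user=bob action=update_service_item value="<script>example()</script>"',
    'ts=2025-06-01T10:03:40Z user=bob action=update_service_item value="%3CScRiPt%3Eexample()%3C%2Fscript%3E"',
    'ts=2025-06-01T10:05:02Z user=carol action=update_service_item value="&lt;a href=&quot;javascript:example()&quot;&gt;"',
    'ts=2025-06-01T10:06:30Z user=dave action=update_service_item value="See <section 4> of the manual"',
]

# Same two indicators as the SIEM query, but case-insensitive and tolerant of
# whitespace inside the tag or before the colon.
SCRIPT_LIKE = re.compile(r"<\s*script\b|javascript\s*:", re.IGNORECASE)
USER_FIELD = re.compile(r"\buser=(\S+)")
MAX_DECODE_ROUNDS = 3  # bounds the work spent on nested encodings

def normalise(message):
    """Undo URL and HTML-entity encoding until the text stops changing."""
    current = message
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = html.unescape(unquote_plus(current))
        if decoded == current:
            break
        current = decoded
    return current

def is_script_like(message):
    """True if the decoded message contains a script tag or javascript: URL."""
    return SCRIPT_LIKE.search(normalise(message)) is not None

def flag_lines(lines):
    """Return the log lines that carry script-like content."""
    return [line for line in lines if is_script_like(line)]

def attempts_by_user(lines):
    """Count flagged lines per user to surface repeated attempts."""
    users = (USER_FIELD.search(line) for line in flag_lines(lines))
    return Counter(m.group(1) for m in users if m)

if __name__ == "__main__":
    for user, count in attempts_by_user(SAMPLE_LOGS).items():
        print(f"ALERT user={user} script_like_events={count}")
```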