CVE-2025-9976
published 2025-10-13CVE-2025-9976: An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE…
PriorityP261critical9CVSS 3.1
AVNACLPRLUIRSCCHIHAH
EPSS
0.94%
56.4th percentile
An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dassault_syst_mes | station_launcher_app_in_3dexperience_platform | Release 3DEXPERIENCE R2022x Golden – Release 3DEXPERIENCE R2022x.FP.CFA.2540 | — |
| dassault_syst_mes | station_launcher_app_in_3dexperience_platform | Release 3DEXPERIENCE R2023x Golden – Release 3DEXPERIENCE R2023x.FP.CFA.2532 | — |
| dassault_syst_mes | station_launcher_app_in_3dexperience_platform | Release 3DEXPERIENCE R2024x Golden – Release 3DEXPERIENCE R2024x.FP.CFA.2537 | — |
| dassault_syst_mes | station_launcher_app_in_3dexperience_platform | Release 3DEXPERIENCE R2025x Golden – Release 3DEXPERIENCE R2025x.FP.CFA.2532 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-10-13
Published