CVE-2026-1334

SOLIDWORKS · eDrawings

An Out-Of-Bounds Read vulnerability in SOLIDWORKS eDrawings can lead to arbitrary code execution when processing a maliciously crafted EPRT file.

Executive summary

A critical memory safety flaw in SOLIDWORKS eDrawings allows attackers to execute arbitrary code on a user's system by delivering a maliciously crafted EPRT file that the user opens.

Vulnerability

The application suffers from an Out-Of-Bounds Read vulnerability within the EPRT file reading procedure. An unauthenticated attacker can exploit this by crafting a file that forces the application to read beyond allocated memory buffers during file parsing.

Business impact

The impact of this vulnerability includes the potential for full system takeover and unauthorized access to sensitive engineering data. Given the CVSS score of 7.8, this represents a significant risk to organizational confidentiality and integrity, as a single user interaction can trigger the exploit.

Remediation

Immediate Action: Update SOLIDWORKS eDrawings to the latest patched version available for the 2025 and 2026 releases to address the memory parsing issue.

Proactive Monitoring: Review system logs for application crashes involving eDrawings, which may indicate failed or successful exploitation attempts.

Compensating Controls: Implement "Least Privilege" principles for users of CAD software and use sandboxing technologies to isolate file-viewing activities from the rest of the network.
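
One way to carry out the Proactive Monitoring step on a Windows host, as an added example that is not vendor or advisory code: it pulls Application Error events (Event ID 1000) for eDrawings from the Application log and flags access violations. The `*eDrawings*` name pattern and the 30-day window are assumptions to adjust for your environment.

```powershell
# Added example: list recent eDrawings crashes recorded in the Windows Application log.
# Assumption: the faulting application name contains "eDrawings"; adjust $AppPattern if not.
$AppPattern = '*eDrawings*'
$Since      = (Get-Date).AddDays(-30)   # assumed look-back window

# Event ID 1000 from the "Application Error" provider is logged when a process faults.
$filter = @{
    LogName      = 'Application'
    ProviderName = 'Application Error'
    Id           = 1000
    StartTime    = $Since
}

# -ErrorAction SilentlyContinue: Get-WinEvent raises an error when nothing matches.
$crashes = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Properties[0].Value -like $AppPattern } |
    ForEach-Object {
        $p = $_.Properties
        [pscustomobject]@{
            Time            = $_.TimeCreated
            Host            = $_.MachineName
            Application     = $p[0].Value   # faulting application name
            AppVersion      = $p[1].Value   # use to confirm whether the host is patched
            FaultModule     = $p[3].Value   # module in which the fault occurred
            ExceptionCode   = $p[6].Value
            FaultOffset     = $p[7].Value
            # c0000005 is an access violation, the usual outcome of an invalid memory read.
            AccessViolation = ($p[6].Value -match '^(0x)?c0000005$')
        }
    }

# Chronological view for triage.
$crashes | Sort-Object Time | Format-Table -AutoSize

# Repeated faults in the same module with the same exception code deserve a closer look.
$crashes |
    Group-Object FaultModule, ExceptionCode |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

The Application log does not record which file was open at the time of the crash, so correlate the timestamps with mail gateway, download, or file-share records to identify the EPRT file involved.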

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability highlights the risk inherent in processing complex file formats. It is imperative that administrators deploy the vendor-supplied security updates immediately. Furthermore, user awareness training regarding the dangers of opening unsolicited files from external vendors should be reinforced.