🔐 CVE Alert

CVE-2025-59866

LOW 3.3
CVSS Score
3.3
EPSS Score
0.0%
EPSS Percentile
0th

The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions Leading to Privilege Escalation’ vulnerability, which enables any logged-in non-administrative user to overwrite or replace the executable file with a malicious binary.

CWE CWE-732
Vendor hclsoftware
Product dfmpro for catia
Published Jul 17, 2026
Last Updated Jul 17, 2026
Stay Ahead of the Next One

Get instant alerts for hclsoftware dfmpro for catia

Be the first to know when new low vulnerabilities affecting hclsoftware dfmpro for catia are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Affected Versions

HCLSoftware / DFMPro for CATIA
v4.1
HCLSoftware / DFXAnalytics
v3.1
HCLSoftware / DFXServer
v3.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗
support.hcl-software.com: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0132365