SOLIDWORKS Visualize Path Traversal Leading to Arbitrary File Write

CVE advisory

Severity: CRITICAL (CVSS 9.8)

CVE-2026-10094

A path traversal vulnerability in SOLIDWORKS Visualize may permit an attacker to write arbitrary files to servers. This could impact system integrity and availability. Please confirm if this technology is relevant to your operations and assess potential exposure.

Path Traversal

Halo Surface Signal: Very unlikely · external exposure

SOLIDWORKS Visualize is a desktop-based 3D rendering application typically used on local workstations or dedicated design terminals. It is not designed to be an internet-facing service, gateway, or edge-network appliance, making public internet exposure in common real-world deployments very unlikely.

Horizon Alert

Summary of the vulnerability and why it matters

A path traversal vulnerability has been identified in SOLIDWORKS Visualize, potentially allowing unauthorized users to write files on servers. The main concern at this stage is to confirm if this technology is relevant to our operations and to assess any potential exposure.

  • Allows writing arbitrary files to servers.
  • Critical vulnerability in design visualization software.
  • Confirm relevance and assess any exposure.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this vulnerability by sending a specially crafted request to a system running SOLIDWORKS Visualize. This could allow them to write arbitrary files to the server, potentially leading to system compromise.

  • No authentication required.
  • Malicious file path in request.
  • Arbitrary file write to server.

Live Threat

Current exploitation, exposure, and threat context

A Path Traversal vulnerability in SOLIDWORKS Visualize could allow an attacker to write arbitrary files on the server under certain conditions. This could impact the integrity and availability of the system.

  • System files and configurations at risk.
  • Arbitrary file writes could occur.
  • System instability or compromise is possible.

Operational Fix

Recommended remediation, mitigation, and detection steps

The affected technology is SOLIDWORKS Visualize, a desktop application. This means ownership likely falls to end-user computing, desktop engineering, or application support teams, rather than traditional infrastructure or platform teams. The immediate first step is to identify all installations, assess their business criticality and network reachability, and confirm the designated owner responsible for managing these installations before planning remediation.

  • Confirm application owners and asset inventory.
  • Verify network exposure and criticality of installations.
  • Plan targeted remediation or vendor engagement.


Frequently asked questions

What is SOLIDWORKS Visualize?

SOLIDWORKS Visualize is professional software used for 3D rendering and creating high-quality visual content from design data. It is primarily utilized by engineers and designers on local workstations or dedicated terminals to transform 3D models into photorealistic imagery, rather than serving as a standard network-based infrastructure component.

How does CVE-2026-10094 work?

This vulnerability is classified as Path Traversal (CWE-22). It occurs when the software does not properly sanitize file path inputs, allowing an attacker to manipulate these paths to write files outside of the intended directory. In this context, it enables an attacker to place arbitrary files onto the system hosting the software.
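The CWE-22 write pattern described above, shown next to a hardened containment check. This is an added example, not SOLIDWORKS Visualize code, and it does not represent the product's actual request handling; the function names, the `renders` directory, and the sample file names are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def unsafe_target(base_dir: str, requested_name: str) -> Path:
    """CWE-22 pattern: join with no check; an absolute name even replaces base_dir."""
    return Path(os.path.normpath(os.path.join(base_dir, requested_name)))


def safe_target(base_dir: str, requested_name: str) -> Path:
    """Resolve the final path and refuse anything outside base_dir."""
    base = Path(base_dir).resolve()
    # resolve() collapses ".." segments and follows symlinks before the check.
    candidate = (base / requested_name).resolve()
    # Component-wise test: "<base>-old" is a sibling, which startswith() would miss.
    if candidate == base or not candidate.is_relative_to(base):
        raise ValueError(f"path escapes output directory: {requested_name!r}")
    return candidate


def write_output(base_dir: str, requested_name: str, data: bytes) -> Path:
    target = safe_target(base_dir, requested_name)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return target


def demo() -> dict:
    """Run constructed sample names through both functions."""
    results = {}
    samples = ["scene/frame01.png", "../startup.cfg", "/tmp/abs.cfg", "../renders-old/x.png"]
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "renders")  # hypothetical output directory
        os.mkdir(base)
        for name in samples:
            escaped = not unsafe_target(base, name).is_relative_to(base)
            try:
                write_output(base, name, b"constructed sample")
                results[name] = (escaped, "written")
            except ValueError:
                results[name] = (escaped, "rejected")
    return results


if __name__ == "__main__":
    for name, (escaped, verdict) in demo().items():
        print(f"{name!r}: unchecked join escapes={escaped}, hardened={verdict}")
```

The check runs on the fully resolved path rather than on the raw string, so it does not depend on filtering particular character sequences out of the input.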

Does any request trigger this file write?

The vulnerability is triggered by sending a specially crafted request that contains a malicious file path. Simply using the application for standard design tasks or rendering local projects does not trigger this flaw. The attack requires specific, malformed input designed to bypass path restrictions.

Is my system at risk according to Halo Surface Signal?

Because SOLIDWORKS Visualize is typically a desktop application, Halo Surface Signal notes it is not designed to be an internet-facing gateway or server. While the vulnerability exists, the likelihood of public exposure is very low unless the software has been improperly deployed in a way that allows direct network access from the internet.

What should I do if I run this software?

First, identify all machines where the software is installed and confirm who manages those systems, such as desktop engineering or end-user support teams. Verify if any of these installations are reachable via the network, assess their business criticality, and monitor the official vendor channels for security updates or configuration guidance.
