CVE-2026-5120

Summary

A Race Condition vulnerability affecting BIOVIA Workbook from Release 2021 through Release 2026 could allow a user to access unauthorized data from another user.

Affected Software

VendorProductVersion RangeStatus
Dassault SystèmesBIOVIA WorkbookRelease 2021 Golden <= Release 2021 Refresh5affected
Dassault SystèmesBIOVIA WorkbookRelease 2022 Golden <= Release 2022 Refresh5affected
Dassault SystèmesBIOVIA WorkbookRelease 2023 Golden <= Release 2023 Refresh4affected
Dassault SystèmesBIOVIA WorkbookRelease 2024 Golden <= Release 2024 Refresh4affected
Dassault SystèmesBIOVIA WorkbookRelease 2025 Golden <= Release 2025 Refresh3affected
Dassault SystèmesBIOVIA WorkbookRelease 2026 Goldenaffected

Weaknesses

  • CWE-362: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References