CVE-2026-7858
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dassault Systèmes | Teamwork Cloud - Standard Edition | No Magic Release 2022x Golden <= No Magic Release 2022x Refresh2 HF3 | affected |
| Dassault Systèmes | Teamwork Cloud - Standard Edition | No Magic Release 2024x Golden <= No Magic Release 2024x Refresh3 HF1 | affected |
| Dassault Systèmes | Teamwork Cloud - Standard Edition | No Magic Release 2026x Golden <= No Magic Release 2026x Golden HF2 | affected |
| Dassault Systèmes | Teamwork Cloud - Business Edition | No Magic Release 2022x Golden <= No Magic Release 2022x Refresh2 HF3 | affected |
| Dassault Systèmes | Teamwork Cloud - Business Edition | No Magic Release 2024x Golden <= No Magic Release 2024x Refresh3 HF1 | affected |
| Dassault Systèmes | Teamwork Cloud - Business Edition | No Magic Release 2026x Golden <= No Magic Release 2026x Golden HF2 | affected |
| Dassault Systèmes | Teamwork Cloud - Business Pro Edition | No Magic Release 2022x Golden <= No Magic Release 2022x Refresh2 HF3 | affected |
| Dassault Systèmes | Teamwork Cloud - Business Pro Edition | No Magic Release 2024x Golden <= No Magic Release 2024x Refresh3 HF1 | affected |
| Dassault Systèmes | Teamwork Cloud - Business Pro Edition | No Magic Release 2026x Golden <= No Magic Release 2026x Golden HF2 | affected |
| Dassault Systèmes | Teamwork Cloud - Enterprise Edition | No Magic Release 2022x Golden <= No Magic Release 2022x Refresh2 HF3 | affected |
| Dassault Systèmes | Teamwork Cloud - Enterprise Edition | No Magic Release 2024x Golden <= No Magic Release 2024x Refresh3 HF1 | affected |
| Dassault Systèmes | Teamwork Cloud - Enterprise Edition | No Magic Release 2026x Golden <= No Magic Release 2026x Golden HF2 | affected |
| Dassault Systèmes | Magic Collaboration Studio | CATIA Magic Release 2022x Golden <= CATIA Magic Release 2022x Refresh2 HF3 | affected |
| Dassault Systèmes | Magic Collaboration Studio | CATIA Magic Release 2024x Golden <= CATIA Magic Release 2024x Refresh3 HF1 | affected |
| Dassault Systèmes | Magic Collaboration Studio | CATIA Magic Release 2026x Golden <= CATIA Magic Release 2026x Golden HF2 | affected |
Weaknesses
- CWE-502: CWE-502 Deserialization of Untrusted Data
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.