Description
Sparx Enterprise Architect software has a security feature that limits users' actions to those specified in their role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator; it is then possible to make every possible change to the repository.

The vendor was notified early about this vulnerability, but didn't respond with details of the vulnerability or the vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable; other versions were not tested and might also be vulnerable.
Published: 2026-05-19
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Sparx Enterprise Architect implements role‑based access controls to limit user actions, yet the vulnerability identified as CWE‑603 allows an authenticated attacker to modify the client application with debugging techniques so they can impersonate any user or administrator. This impersonation grants unrestricted modification rights to the repository, enabling the attacker to alter, delete, or add data and thereby compromise the confidentiality, integrity, and availability of stored information.

Affected Systems

The affected product is Sparx Systems’ Enterprise Architect. Versions 17.1 and earlier have been explicitly tested and confirmed vulnerable. Information about newer releases is unavailable, so they may or may not contain a fix.

Risk and Exploitability

The CVSS score of 8.7 indicates a high‑severity risk. No EPSS score is published, but the absence from CISA KEV suggests no widespread exploitation has been reported. Exploitation requires an authenticated user who can locally modify the client, reauthenticate as a higher‑privileged account, and then perform any repository operation. The ability to gain full control of the repository constitutes a significant threat to organizations using this tool.

Generated by OpenCVE AI on May 19, 2026 at 14:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any available vendor patch or upgrade to a version confirmed not vulnerable (e.g., version ≥17.2).
  • Disallow or tightly control debugging and other reverse‑engineering tools on client machines to prevent modification of the application.
  • Enforce strict least‑privilege access controls on the Enterprise Architect repository and monitor login activity for anomalous privilege escalation attempts.

Generated by OpenCVE AI on May 19, 2026 at 14:38 UTC.

Advisories

No advisories yet.

History

Tue, 19 May 2026 16:30:00 +0000

Type: Metrics
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 19 May 2026 15:00:00 +0000

Type: First Time appeared
Values Added: Sparxsystems; Sparxsystems enterprise Architect

Type: Vendors & Products
Values Added: Sparxsystems; Sparxsystems enterprise Architect

Tue, 19 May 2026 13:45:00 +0000

Type: Description
Values Added: Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

Type: Title
Values Added: Authorization Bypass in Sparx Enterprise Architect

Type: Weaknesses
Values Added: CWE-603

Type: References

Type: Metrics
Values Added: cvssV4_0
{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-05-19T15:27:32.916Z

Reserved: 2026-04-24T12:15:00.858Z

Link: CVE-2026-42098

Vulnrichment

Updated: 2026-05-19T15:27:30.343Z

NVD

Status: Awaiting Analysis

Published: 2026-05-19T14:16:42.417

Modified: 2026-05-19T14:45:59.807

Link: CVE-2026-42098

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-19T14:45:07Z

Weaknesses