- Description
- An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
- Source
- 3DS.Information-Security@3ds.com
- NVD status
- Analyzed
- Products
- delmia_apriso
CVSS 3.1
- Type
- Secondary
- Base score
- 8
- Impact score
- 6
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Dassault Systèmes DELMIA Apriso Code Injection Vulnerability
- Exploit added on
- Oct 28, 2025
- Exploit action due
- Nov 18, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 3DS.Information-Security@3ds.com
- CWE-94
- Hype score
- Not currently trending
🛡️ Cyber Threat Digest – 2025-10-30 KEV: CVE-2025-6204 — Dassault Systèmes DELMIA Apriso NVD: CVE-2023-7324 — In the Linux kernel News: Microsoft promises more Copilot features in… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
30 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Alerts: 2 New Dassault Flaws Under Active Attack https://t.co/D66fhuwVtT #CisaSecurityAlert #cve-2025-6204 #cve-2025-6205 #DassaultDelmiaApriso
@wizconsults
30 Oct 2025
48 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Today @CISACyber added Dassault Systèmes DELMIA Apriso vulnerabilities CVE-2025-6204 & CVE-2025-6205 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/LMm64iDr0N & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec
@7thGensec
29 Oct 2025
158 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Delmia Apriso Manufacturing Systems Under Active Attack CISA warns hackers actively exploiting CVE-2025-6204 (code injection) and CVE-2025-6205 (missing authorization) in Dassault's Delmia Apriso manufacturing operations software. What's concerning: customers include RTX
@the_c_protocol
29 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🌍 @CISACyber adds 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog: - CVE-2025-6204 (Code Injection) - CVE-2025-6205 (Missing Authorization) Both affect Dassault Systèmes DELMIA Apriso and are under active exploitation. Patch fast - and stay updated.
@TechNadu
29 Oct 2025
87 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-10-29 KEV: CVE-2025-6204 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-12103 — flaw was found in News: Windows 11 KB5067036 update rolls out… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
29 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA reports active exploitation of two critical vulnerabilities in Dassault Systèmes’ DELMIA Apriso software (CVE-2025-6204 & CVE-2025-6205). Privilege escalation and remote code execution risks impact industrial systems. #IndustrialSecurity #France https://t.co/sF9cIN8LT
@TweetThreatNews
29 Oct 2025
127 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
📌 تؤكد وكالات الأمن السيبراني الأمريكية على استغلال نشط لثغرات أمنية حرجة في نظام Dassault Systèmes DELMIA Apriso وXWiki. تشمل الثغرات المعروفة CVE-2025-6204، التي تمثّل ثغرة
@Cybercachear
29 Oct 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-6204 and CVE-2025-6205 have been added to the KEV Catalog. https://t.co/9idGUAHIKd https://t.co/ScMnLCsUaM
@DarkWebInformer
28 Oct 2025
4254 Impressions
2 Retweets
21 Likes
7 Bookmarks
0 Replies
0 Quotes
🛡️ We added Dassault Systèmes DELMIA Apriso vulnerabilities CVE-2025-6204 & CVE-2025-6205 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/Jm
@CISACyber
28 Oct 2025
6234 Impressions
18 Retweets
37 Likes
4 Bookmarks
13 Replies
2 Quotes
🚨 CVE-2025-6204 - critical 🚨 DELMIA Apriso - Command Injection > An Improper Control of Generation of Code (code injection / file upload → RCE) vulner... 👾 https://t.co/xjjO40dPRf @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
23 Sept 2025
159 Impressions
1 Retweet
1 Like
2 Bookmarks
0 Replies
0 Quotes
Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-6204 https://t.co/ZYiWppck0n https://t.co/4EVeTS1Sde
@sans_isc
3 Sept 2025
1163 Impressions
0 Retweets
2 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-6204 (CVSS:8.0, HIGH) is Awaiting Analysis. An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 throu..https://t.co/gNuBvQT2xh #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
9 Aug 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6204 Code Injection Vulnerability in DELMIA Apriso Releases 2020 Through 2025 https://t.co/d6syaXBll9
@VulmonFeeds
4 Aug 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6204 An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execu… https://t.co/3gFvJDyWl6
@CVEnew
4 Aug 2025
536 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:3ds:delmia_apriso:*:*:*:*:*:*:*:*",
"matchCriteriaId": "809F8ACE-5686-4178-ACF7-D6968035FCF5",
"versionEndIncluding": "2025",
"versionStartIncluding": "2020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]