Code Injection Vulnerability in DELMIA Apriso by Dassault Systèmes
CVE-2025-6204

8HIGH

Key Information:

Vendor

Dassault Systèmes

Status
Delmia Apriso
Vendor
CVE Published:
4 August 2025

What is CVE-2025-6204?

DELMIA Apriso, a product from Dassault Systèmes, is susceptible to an improper control of code generation, also known as a code injection vulnerability. This flaw allows malicious actors to execute arbitrary code within the affected software versions, posing significant security risks. The vulnerability spans from Release 2020 through Release 2025, making it imperative for users of DELMIA Apriso to implement appropriate security measures and stay updated with the latest security advisories.

Affected Version(s)

DELMIA Apriso Release 2020 Golden

DELMIA Apriso Release 2021 Golden

DELMIA Apriso Release 2022 Golden

References

https://www.3ds.com/trust-center/security/security-adviso...

CVSS V3.1

Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.