Authorization Flaw in DELMIA Apriso Affects 2020 to 2025 Releases
CVE-2025-6205

9.1 CRITICAL

Key Information:

Vendor
CVE Published: 4 August 2025

Badges

👾 Exploit Exists | 🟣 EPSS 42% | 🦅 CISA Reported | 📰 News Worthy

What is CVE-2025-6205?

A missing authorization vulnerability in DELMIA Apriso from Release 2020 through Release 2025 could allow unauthorized individuals to gain privileged access to the application. This security flaw highlights the importance of implementing robust access controls within the software to prevent potential exploitation. Users of affected releases should apply relevant security patches and follow best practices to mitigate risks.

CISA has reported CVE-2025-6205

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-6205 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.

CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

DELMIA Apriso Release 2020 Golden

DELMIA Apriso Release 2021 Golden

DELMIA Apriso Release 2022 Golden

News Articles

CISA adds a pair of Dassault Systèmes’ DELMIA Apriso vulnerabilities to KEV catalogue

The US cyber agency warns of active exploitation of flaws that could lead to full application compromise of a popular manufacturing operations management platform.

1 week ago

CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks

CISA has added two critical vulnerabilities affecting Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting these security flaws in real-world attacks.

1 week ago

EPSS Score

42% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • 🦅 CISA Reported

  • 📰 First article discovered by BleepingComputer

  • Vulnerability published

  • Vulnerability Reserved
