

Ethical Hacking News

CISA Alerts: Dassault Vulnerabilities Spark Widespread Attack Activity


Two actively exploited vulnerabilities in Dassault Systèmes' DELMIA Apriso manufacturing operations management and execution solution have made it a target for malicious attack activity. Organizations must prioritize patching and mitigation efforts to prevent potential attacks from materializing.

  • CISA has issued a warning about two actively exploited vulnerabilities in Dassault Systèmes' DELMIA Apriso.
  • The first vulnerability (CVE-2025-6205) is a critical-severity missing authorization security flaw that can allow an attacker to gain privileged access without authentication.
  • The second vulnerability (CVE-2025-6204) is a high-severity code injection vulnerability that allows attackers with elevated privileges to execute arbitrary code on vulnerable systems.
  • These vulnerabilities have sparked widespread attack activity, particularly among federal civilian executive branch agencies.
  • CISA urges all IT administrators and network defenders to prioritize patching the flaws as soon as possible.



    The Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning regarding two actively exploited vulnerabilities in Dassault Systèmes' DELMIA Apriso, a manufacturing operations management and execution solution. The alert comes as the agency continues to monitor a growing number of detected attacks that use these specific vulnerabilities.

    The first vulnerability, tracked as CVE-2025-6205, is a critical-severity missing authorization security flaw. This means that an attacker without any prior authentication could potentially gain privileged access to an unpatched application by exploiting it. The severity of the flaw highlights the potential for significant damage if it is left unpatched.

    In contrast, the second vulnerability, denoted as CVE-2025-6204, is classified as a high-severity code injection vulnerability. This type of vulnerability allows attackers with elevated privileges to execute arbitrary code on vulnerable systems. While not as severe in terms of the potential impact as the first vulnerability, it still poses a substantial risk to organizations that have not taken steps to patch their systems.

    The discovery of these vulnerabilities has sparked widespread attack activity, particularly among federal civilian executive branch (FCEB) agencies. As mandated by the Binding Operational Directive 22-01 issued in November 2021, FCEB agencies are required to secure their networks within three weeks of receiving this directive. This time frame places great pressure on organizations that must take swift action to address these vulnerabilities.

    CISA has urged all IT administrators and network defenders to prioritize patching the flaws as soon as possible. The agency emphasized that applying mitigations per vendor instructions or following applicable BOD 22-01 guidance for cloud services could help minimize potential risks. In extreme cases where no available mitigation exists, CISA advised organizations to discontinue use of the product.

    The urgency surrounding these vulnerabilities is underscored by the fact that a similar critical vulnerability was identified just last month. The newly disclosed code injection flaw (CVE-2025-5086) further highlights the importance of proactive security measures and serves as a stark reminder of the need for all organizations to remain vigilant in their pursuit of cybersecurity.

    DELMIA Apriso, a solution widely used by enterprises around the globe to manage warehouses, schedule production, allocate resources, manage quality, and integrate equipment with various business applications, is particularly susceptible to these vulnerabilities. The solution's deployment in automotive, electronics, aerospace, and industrial machinery divisions underscores its importance as a critical component of many organizations' operational infrastructure.

    As threat actors continue to exploit these vulnerabilities in the wild, it is essential that all IT professionals prioritize swift patching and mitigation efforts to prevent potential attacks from materializing. By doing so, organizations can minimize their exposure to significant risks and enhance their overall security posture.

    In a rapidly evolving cybersecurity landscape, staying informed about emerging threats and actively addressing vulnerabilities remains crucial for maintaining effective defenses against malicious actors. As such, it is imperative that all stakeholders remain vigilant in monitoring these ongoing developments and take swift action whenever necessary to safeguard their organizations' digital assets.




  • Published: Tue Oct 28 15:10:41 2025 by llama3.2 3B Q4_K_M












