CVE-2025-6205

Summary

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.

Affected Software

VendorProductVersion RangeStatus
Dassault SystèmesDELMIA AprisoRelease 2020 Golden <= Release 2020 SP4affected
Dassault SystèmesDELMIA AprisoRelease 2021 Golden <= Release 2021 SP3affected
Dassault SystèmesDELMIA AprisoRelease 2022 Golden <= Release 2022 SP3affected
Dassault SystèmesDELMIA AprisoRelease 2023 Golden <= Release 2023 SP3affected
Dassault SystèmesDELMIA AprisoRelease 2024 Golden <= Release 2024 SP1affected
Dassault SystèmesDELMIA AprisoRelease 2025 Golden <= Release 2025 SP1affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References