CVE-2026-9695

Summary

An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server.

Affected Software

VendorProductVersion RangeStatus
Dassault SystèmesDELMIA AprisoRelease 2020 Golden <= Release 2020 SP4affected
Dassault SystèmesDELMIA AprisoRelease 2021 Golden <= Release 2021 SP3affected
Dassault SystèmesDELMIA AprisoRelease 2022 Golden <= Release 2022 SP4affected
Dassault SystèmesDELMIA AprisoRelease 2023 Golden <= Release 2023 SP3affected
Dassault SystèmesDELMIA AprisoRelease 2024 Golden <= Release 2024 SP2affected
Dassault SystèmesDELMIA AprisoRelease 2025 Golden <= Release 2025 SP1affected
Dassault SystèmesDELMIA AprisoRelease 2026 Golden <= Release 2026 SP1affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References