
"Both CVE-2025-6204 and CVE-2025-6205 affect DELMIA Apriso versions from Release 2020 through Release 2025. They were addressed by Dassault Systèmes in early August. According to details shared by ProjectDiscovery researchers Rahul Maini, Harsh Jaiswal, and Parth Malhotra last month, the two security flaws can be fashioned together into an exploit chain to create accounts with elevated privileges and then drop executable files into a web-served directory, resulting in a full application compromise."
"Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck. The vulnerabilities are listed below: CVE-2025-6204 (CVSS score: 8.0), a code injection vulnerability in Dassault Systèmes DELMIA Apriso that could allow an attacker to execute arbitrary code; and CVE-2025-6205 (CVSS score: 9.1), a missing authorization vulnerability in Dassault Systèmes DELMIA Apriso that could allow an attacker to gain privileged access to the application."
Multiple high-severity vulnerabilities allow code injection, missing authorization and eval injection in DELMIA Apriso and XWiki, enabling arbitrary code execution and privilege escalation. DELMIA Apriso CVE-2025-6204 (CVSS 8.0) and CVE-2025-6205 (CVSS 9.1) affect releases 2020–2025 and were patched in early August. XWiki CVE-2025-24893 (CVSS 9.8) allows guest users to achieve remote code execution via the /bin/get/Main/SolrSearch endpoint. Researchers showed the Apriso flaws can be chained to create privileged accounts and drop executables into web-served directories, resulting in full application compromise. CISA added the Apriso flaws to the KEV catalog and exploitation activity was observed by security vendors.
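As an added example that is not part of the article or of either vendor's tooling, the following Python script triages web-server access logs for the two activity patterns the summary names: requests to the XWiki /bin/get/Main/SolrSearch endpoint (marking unauthenticated ones, since the flaw is reachable by guest users) and successful PUT/POST uploads of executable content into a web-served path, which is the end state of the Apriso chain. The combined log format, the sample lines, the IP addresses, the /uploads path and the extension list are all assumptions made for this example.

```python
"""Triage access-log lines for the two exploitation patterns the article
describes. Added example; nothing here is the article's or the vendors' code.
The log format and every sample line are constructed."""
import re
from collections import Counter

# Endpoint named in the article for XWiki CVE-2025-24893.
SOLR_SEARCH = "/bin/get/Main/SolrSearch"

# Extensions treated as "executable content" dropped into a web-served
# directory. Assumed list; tune it to the platforms you actually run.
EXEC_EXT = (".exe", ".dll", ".aspx", ".jsp", ".php")

# Apache/nginx "combined"-style line: ip ident user [ts] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log; the IPs are RFC 5737 documentation ranges and the
# /uploads path is a placeholder for whatever directory your server exposes.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Nov/2025:10:00:01 +0000] "GET /bin/get/Main/SolrSearch?media=rss&text=hello HTTP/1.1" 200 512
198.51.100.3 - jdoe [01/Nov/2025:10:00:02 +0000] "GET /bin/view/Main/WebHome HTTP/1.1" 200 1024
198.51.100.3 - jdoe [01/Nov/2025:10:00:03 +0000] "GET /bin/get/Main/SolrSearch?text=roadmap HTTP/1.1" 200 700
203.0.113.7 - - [01/Nov/2025:10:00:05 +0000] "PUT /uploads/update.exe HTTP/1.1" 201 0
203.0.113.7 - - [01/Nov/2025:10:00:09 +0000] "GET /uploads/update.exe HTTP/1.1" 200 40960
this line is not in combined log format
"""


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["target"].split("?", 1)[0]   # strip the query string
    rec["guest"] = rec["user"] == "-"              # no authenticated user logged
    return rec


def triage(lines):
    """Scan log lines and return the findings grouped by pattern.

    solrsearch: every request to the SolrSearch endpoint, with a guest flag.
    uploads:    PUT/POST of an executable-extension path that got a 2xx reply.
    by_ip:      how many findings of either kind each client produced.
    unparsed:   non-empty lines the regex could not read (worth a look too).
    """
    findings = {"solrsearch": [], "uploads": [], "unparsed": 0}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            if line.strip():
                findings["unparsed"] += 1
            continue
        if rec["path"] == SOLR_SEARCH:
            findings["solrsearch"].append(
                {"ip": rec["ip"], "guest": rec["guest"], "target": rec["target"]}
            )
        if (rec["method"] in ("PUT", "POST")
                and rec["path"].lower().endswith(EXEC_EXT)
                and rec["status"].startswith("2")):
            findings["uploads"].append(
                {"ip": rec["ip"], "path": rec["path"], "status": rec["status"]}
            )
    findings["by_ip"] = Counter(
        f["ip"] for key in ("solrsearch", "uploads") for f in findings[key]
    )
    return findings


def guest_solrsearch(findings):
    """Only the unauthenticated SolrSearch hits, the case the article flags."""
    return [f for f in findings["solrsearch"] if f["guest"]]


if __name__ == "__main__":
    result = triage(SAMPLE_LOG.splitlines())
    for f in guest_solrsearch(result):
        print("guest SolrSearch request:", f["ip"], f["target"])
    for f in result["uploads"]:
        print("executable written to web path:", f["ip"], f["path"], f["status"])
    print("findings per client:", dict(result["by_ip"]))
    print("unparsed lines:", result["unparsed"])
```

Run it against a real log by replacing `SAMPLE_LOG.splitlines()` with the file's lines; a client that appears in both lists is the one to investigate first, and a high `unparsed` count usually means the regex needs adjusting to your server's log format rather than that the log is clean.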
Read at The Hacker News