🔴 CVE-2025-6205

A critical missing authorization vulnerability in the DELMIA Apriso manufacturing execution system allows unauthenticated attackers to gain privileged access over the network. The CISA coordinator notes that active exploitation is occurring in the wild.

Risk Level: HIGH_RISK

CVSS Score: 9.1

Attack Vector: NETWORK

ATT&CK Tactic: Initial Access

ATT&CK Technique: T1190 — Exploit Public-Facing Application

Deployment Risk: HIGH

Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-08-04

Added to CISA KEV: 2025-10-28 (85 days between CVE and KEV)

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2025-10-30)

CVE-2025-6205 is a critical missing authorization vulnerability affecting Dassault Systèmes DELMIA Apriso, with evidence of active exploitation in the wild [1]. CISA has added it to its Known Exploited Vulnerabilities (KEV) catalog, indicating its significant risk [1][3].

Here's a breakdown of what is known about its exploitation:

  • Affected Applications/Services: DELMIA Apriso versions from Release 2020 through Release 2025 are affected [9][7].
  • Internet-Facing Applications: The vulnerability affects those DELMIA Apriso applications accessible from the internet [4].
  • Active Exploitation: CISA has confirmed active exploitation of this vulnerability [1][5].
  • Attack Vectors/Exploitation Methods: The vulnerability is due to missing authorization checks, which could allow unauthenticated attackers to remotely gain privileged access to the application [5][2][7].
  • Targeted Attacks: While the provided context confirms active exploitation, it does not explicitly detail whether CVE-2025-6205 has been used in specific targeted attacks.
  • CISA KEV Status: CISA has added CVE-2025-6205 to its KEV catalog, requiring U.S. Federal agencies to patch it by a specific date to protect their systems [1][3].
  • Technical Details/Internet Exploitability: CVE-2025-6205 has a CVSS score of 9.1, classifying it as critical [2][8]. It is an easily exploitable vulnerability that allows unauthenticated threat actors to remotely gain privileged access to unpatched applications [5][6].

Sources

  1. CISA Adds Two Known Exploited Vulnerabilities to Catalog

    CISA has added two new vulnerabilities to its KEV Catalog, based on evidence of active exploitation. ... CVE-2025-6205 Dassault Systèmes DELMIA ...

  2. The Hacker News | #1 Trusted Source for Cybersecurity News

    Oct 30, 2025 Browser Security / Vulnerability. A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds. Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash. CVE-2025-6205 (…

  3. Known Exploited Vulnerabilities Catalog

    CVE-2025-6205. Dassault Systèmes DELMIA Apriso Missing Authorization ... An attacker could execute a specially crafted malicious script to coerce the victim ...

  4. CISA warns of two more actively exploited Dassault vulnerabilities

    The first one (CVE-2025-6205) is a critical-severity missing authorization security flaw that can allow unauthenticated threat actors to remotely gain privileged access to an unpatched application ...

  5. CISA Warns of Dassault Systèmes Vulnerabilities

    The second vulnerability, CVE-2025-6205, involves missing authorization controls categorized as CWE-862. ... those accessible from internet-facing ...

  6. CVE-2025-6205 Dassault Systèmes DELMIA Apriso authorization...

    A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application. It is possible to read the advisory at 3ds.com. This vulnerability is uniquely identified as CVE-2025-6205 since 06/17/2025. The…

  7. Missing Authorization - CVEs - page 1

    CVE-2025-6205: A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application. CVE-2025-60166: Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO allows Exploiting In…

  8. CVE-2025-6205 - Exploits & Severity - Feedly

    CVE-2025-6205 is a critical (CVSS 9.1) missing authorization vulnerability in DELMIA Apriso versions from 2020 to 2025, potentially allowing attackers to gain high-privilege access without authentication, leading to significant data exposure and system compromise. There is no evidence of a public pr…