← Back to CVEs
CVE-2025-6204
HIGHCISA KEV8.0
Description
An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
CVE Details
CVSS v3.1 Score8.0
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredHIGH
User InteractionNONE
Published8/4/2025
Last Modified10/29/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorDassault Systèmes
ProductDELMIA Apriso
Vulnerability NameDassault Systèmes DELMIA Apriso Code Injection Vulnerability
KEV Date Added2025-10-28
Remediation Due Date2025-11-18
Ransomware UseUnknown
Affected Products
3ds:delmia_apriso
Weaknesses (CWE)
CWE-94
References
https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6204(3DS.Information-Security@3ds.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6204(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.