← Voltar para CVEs
CVE-2025-6204
HIGHCISA KEV8.0
Descricao
An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
Detalhes CVE
Pontuacao CVSS v3.18.0
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosHIGH
Interacao do usuarioNONE
Publicado8/4/2025
Ultima modificacao10/29/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorDassault Systèmes
ProdutoDELMIA Apriso
Nome da vulnerabilidadeDassault Systèmes DELMIA Apriso Code Injection Vulnerability
Data inclusao KEV2025-10-28
Prazo de remediacao2025-11-18
Uso em ransomwareUnknown
Produtos afetados
3ds:delmia_apriso
Fraquezas (CWE)
CWE-94
Referencias
https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6204(3DS.Information-Security@3ds.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6204(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.