← Voltar para CVEs
CVE-2025-6205
CRITICALCISA KEV9.1
Descricao
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
Detalhes CVE
Pontuacao CVSS v3.19.1
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado8/4/2025
Ultima modificacao10/29/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorDassault Systèmes
ProdutoDELMIA Apriso
Nome da vulnerabilidadeDassault Systèmes DELMIA Apriso Missing Authorization Vulnerability
Data inclusao KEV2025-10-28
Prazo de remediacao2025-11-18
Uso em ransomwareUnknown
Produtos afetados
3ds:delmia_apriso
Fraquezas (CWE)
CWE-862
Referencias
https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6205(3DS.Information-Security@3ds.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6205(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.