PatchSiren cyber security CVE debrief
CVE-2025-6204 Dassault Systèmes CVE debrief
CVE-2025-6204 affects Dassault Systèmes DELMIA Apriso and is described by CISA as a code injection vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-10-28, which makes it a high-priority issue for defenders. Organizations running DELMIA Apriso should review the vendor’s advisory and apply any available mitigations as soon as possible, or discontinue use if mitigations are not available.
- Vendor: Dassault Systèmes
- Product: DELMIA Apriso
- CVSS: Unknown
- CISA KEV: Listed
- Original CVE published: 2025-10-28
- Original CVE updated: 2025-10-28
- Advisory published: 2025-10-28
- Advisory updated: 2025-10-28
Who should care
Security, infrastructure, and application teams responsible for Dassault Systèmes DELMIA Apriso deployments; incident response teams; and risk owners overseeing environments that rely on the product, especially any internet-facing or externally reachable instances.
Technical summary
The publicly supplied source corpus identifies CVE-2025-6204 as a code injection vulnerability in Dassault Systèmes DELMIA Apriso. The available corpus does not include CVSS metrics, exploit mechanics, affected version ranges, or attack preconditions, so the most defensible summary is that CISA has confirmed this issue as known exploited and directs organizations to follow vendor mitigation guidance. Official references in the corpus include the CVE record, NVD entry, Dassault Systèmes security advisory link cited by CISA, and the CISA KEV catalog entry.
Defensive priority
Urgent. Placement in CISA’s Known Exploited Vulnerabilities catalog means defenders should treat remediation as time-sensitive and prioritize validation, mitigation, and inventory review over routine patch scheduling.
Recommended defensive actions
- Confirm whether any Dassault Systèmes DELMIA Apriso instances are present in your environment, including hosted or cloud-managed deployments.
- Review the Dassault Systèmes security advisory linked from CISA for product-specific mitigation or patch instructions.
- Apply vendor-recommended mitigations or updates as soon as they are available and operationally feasible.
- If mitigations are unavailable, follow CISA guidance to discontinue use of the product until a safe remediation path exists.
- For cloud services, follow applicable BOD 22-01 guidance referenced by CISA.
- Validate that remediation has been completed before the CISA KEV due date of 2025-11-18.
- Track exposure and compensating controls in case immediate remediation is not possible.
Evidence notes
Supported facts in the supplied corpus are limited to: vendor = Dassault Systèmes; product = DELMIA Apriso; vulnerability type = code injection; CISA KEV date added = 2025-10-28; CISA KEV due date = 2025-11-18; known ransomware campaign use = Unknown; and CISA’s required action language. No CVSS score, severity rating, affected versions, exploit chain, or incident details were provided in the corpus, so this debrief avoids adding unsupported specifics.
Official resources
- CVE-2025-6204 CVE record (CVE.org)
- CVE-2025-6204 NVD detail (NVD)
- CISA Known Exploited Vulnerabilities catalog (CISA): Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Source item URL (cisa_kev)
Publicly disclosed and added to CISA’s Known Exploited Vulnerabilities catalog on 2025-10-28.