CVE-2025-6204
Published: 04 August 2025
Summary
CVE-2025-6204 is a high-severity Code Injection (CWE-94) vulnerability in Dassault Systèmes (3DS) DELMIA Apriso. Its CVSS base score is 8.0 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 6.7% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-6204 is an improper control of code generation vulnerability, also described as code injection under CWE-94, that affects Dassault Systèmes DELMIA Apriso releases from 2020 through 2025. The flaw permits an attacker to execute arbitrary code on the affected manufacturing operations platform.
Successful exploitation requires an authenticated attacker with high privileges to supply malicious input over the network, resulting in full confidentiality, integrity, and availability impact with changed scope. The CVSS 8.0 rating reflects the high attack complexity and administrative access needed, while the changed scope indicates that impact can extend beyond the vulnerable component to other parts of the environment.
The vendor advisory at 3ds.com details remediation steps and patch availability for supported releases, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming observed in-the-wild exploitation.
EPSS scores rose from a low baseline to a peak of 0.2011 before settling at the current 0.1018, indicating growing exploitation interest after public disclosure and warranting renewed attention from practitioners.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23494
Vulnerability details
An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
- CWE(s): CWE-94
- KEV Date Added: 28 October 2025
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CWE-94 code injection in the network-accessible DELMIA Apriso application directly enables remote arbitrary code execution (RCE), matching T1190 Exploit Public-Facing Application.
Mitigating Controls (NIST 800-53 r5)
- Vendor patching (flaw remediation): Directly remediates the code injection vulnerability in DELMIA Apriso by requiring timely application of vendor patches to prevent arbitrary code execution.
- SI-10 (Information Input Validation): Prevents code injection attacks by enforcing validation of inputs used in dynamic code generation, addressing the core CWE-94 flaw in the affected software.
- SI-16 (Memory Protection): Mitigates arbitrary code execution resulting from successful code injection through memory protections like DEP and ASLR, limiting exploit impact despite high privileges.