Cyber Posture

CVE-2025-6205

Critical · CISA KEV · Active Exploitation

Published: 04 August 2025
Modified: 29 October 2025
KEV Added: 28 October 2025
Patch: vendor advisory available
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.7772 (99.0th percentile)
Risk Priority: 85 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-6205 is a critical-severity Missing Authorization (CWE-862) vulnerability in 3DS DELMIA Apriso. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score ranks it in the top 1.0% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI-generated mapping]

AC-3 Access Enforcement (prevent)
Mandates enforcement of approved authorizations for logical access, directly addressing the missing authorization that permitted unauthenticated attackers to gain privileged access in DELMIA Apriso.

AC-14 Permitted Actions Without Identification or Authentication (prevent)
Restricts and documents the specific actions allowed without identification or authentication, preventing privileged operations by unauthenticated remote attackers exploiting this vulnerability.

AC-6 Least Privilege (prevent)
Enforces least privilege so that each identity holds only the permissions it needs, reducing the impact when a bypassed or missing authorization check grants excessive privileges.

MITRE ATT&CK Enterprise Techniques [AI-generated mapping]

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Missing authorization (CWE-862) in a remotely accessible enterprise application directly enables unauthenticated network exploitation to obtain privileged access, matching T1190 Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.

Deeper analysis [AI-generated]

CVE-2025-6205 is a missing authorization vulnerability (CWE-862) affecting DELMIA Apriso from Release 2020 through Release 2025. Published on 2025-08-04, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) and enables an attacker to gain privileged access to the application.

An unauthenticated attacker (PR:N) can exploit the vulnerability remotely over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Successful exploitation provides high confidentiality (C:H) and integrity (I:H) impacts with unchanged scope (S:U) and no availability disruption (A:N), allowing the attacker to obtain privileged access.

The vendor has issued a security advisory at https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6205. The vulnerability is also listed in CISA's Known Exploited Vulnerabilities Catalog at https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6205, indicating real-world exploitation.

Details

CWE(s): CWE-862 (Missing Authorization)
KEV Date Added: 28 October 2025

Affected Products

Vendor: 3DS
Product: DELMIA Apriso
Versions: Release 2020 through Release 2025

CVEs Like This One

CVE-2025-6204: same product (3DS DELMIA Apriso); both on KEV
CVE-2025-20362: shared CWE-862; both on KEV
CVE-2025-67974: shared CWE-862
CVE-2026-28254: shared CWE-862
CVE-2026-3266: shared CWE-862
CVE-2025-69297: shared CWE-862
CVE-2025-69186: shared CWE-862
CVE-2026-25456: shared CWE-862
CVE-2025-13493: shared CWE-862
CVE-2026-30968: shared CWE-862

References

Vendor security advisory: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6205
CISA Known Exploited Vulnerabilities Catalog entry: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6205