CVE-2025-6204

HIGH KEV NUCLEI

DELMIA Apriso <2025 - Code Injection

Title source: llm

Description

An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.

Nuclei Templates (1)

DELMIA Apriso - Command Injection

CRITICALVERIFIEDby iamnoooob,rootxharsh,parthmalhotra,pdresearch

Shodan: title:"DELMIA Apriso"

References (2)

[Vendor Advisory] https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6204

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6204

Scores

CVSS v3 8.0

EPSS 0.0761

EPSS Percentile 91.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

CISA KEV 2025-10-28

VulnCheck KEV 2025-10-28

ENISA EUVD EUVD-2025-23494

CWE

CWE-94

Status published

Products (1)

3ds/delmia_apriso 2020 - 2025

Published Aug 04, 2025

KEV Added Oct 28, 2025

Tracked Since Feb 18, 2026