3Ds Delmia Apriso vulnerabilities
7 known vulnerabilities affecting 3ds/delmia_apriso.
Total CVEs
7
CISA KEV
3
actively exploited
Public exploits
3
Exploited in wild
3
Severity breakdown
CRITICAL2HIGH4MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-5086P1CRITICALCVSS 9.0KEVPoC≥ 2020, ≤ 20252025-06-02
CVE-2025-5086 [CRITICAL] CWE-502 CVE-2025-5086: A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
nvd
CVE-2025-6205P1CRITICALCVSS 9.1KEVPoC≥ 2020, < 20252025-08-04
CVE-2025-6205 [CRITICAL] CWE-862 CVE-2025-6205: A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
nvd
CVE-2025-6204P1HIGHCVSS 8.0KEVPoC≥ 2020, ≤ 20252025-08-04
CVE-2025-6204 [HIGH] CWE-94 CVE-2025-6204: An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso fro
An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
nvd
CVE-2023-2141P3HIGHCVSS 8.8≥ 2017, ≤ 20222023-04-21
CVE-2023-2141 [HIGH] CWE-502 CVE-2023-2141: An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
nvd
CVE-2023-2140P3HIGHCVSS 7.5≥ 2017, ≤ 20222023-04-21
CVE-2023-2140 [HIGH] CWE-918 CVE-2023-2140: A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 co
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022
could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.
nvd
CVE-2024-0935P3HIGHCVSS 7.5≥ 2019, ≤ 20242024-02-01
CVE-2024-0935 [HIGH] CWE-532 CVE-2024-0935: Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release
Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024
nvd
CVE-2023-2139P4MEDIUMCVSS 6.1≥ release_2017, ≤ release_20222023-04-21
CVE-2023-2139 [MEDIUM] CWE-79 CVE-2023-2139: A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.
nvd