Dassault Syst Mes Delmia Apriso vulnerabilities
9 known vulnerabilities affecting dassault_syst_mes/delmia_apriso.
Total CVEs
9
CISA KEV
3
actively exploited
Public exploits
4
Exploited in wild
3
Severity breakdown
CRITICAL3HIGH5MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-5086P1CRITICALCVSS 9.0KEVPoC≥ Release 2020 Golden, ≤ Release 2020 SP4≥ Release 2021 Golden, ≤ Release 2021 SP3+4 more2025-06-02
CVE-2025-5086 [CRITICAL] CWE-502 CVE-2025-5086: A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
nvd
CVE-2025-6205P1CRITICALCVSS 9.1KEVPoC≥ Release 2020 Golden, ≤ Release 2020 SP4≥ Release 2021 Golden, ≤ Release 2021 SP3+4 more2025-08-04
CVE-2025-6205 [CRITICAL] CWE-862 CVE-2025-6205: A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025
A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
nvd
CVE-2025-6204P1HIGHCVSS 8.0KEVPoC≥ Release 2020 Golden, ≤ Release 2020 SP4≥ Release 2021 Golden, ≤ Release 2021 SP3+4 more2025-08-04
CVE-2025-6204 [HIGH] CWE-94 CVE-2025-6204: An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso fro
An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
nvd
CVE-2024-3300P2CRITICALCVSS 9.0PoC≥ Release 2019 Golden, ≤ Release 2019 SP5≥ Release 2020 Golden, ≤ Release 2020 SP4+4 more2024-05-30
CVE-2024-3300 [CRITICAL] CWE-502 CVE-2024-3300: An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 20
An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution.
nvd
CVE-2023-2141P3HIGHCVSS 8.8≥ Apriso 2017 Golden, ≤ Apriso 2017 SP7≥ Apriso 2018 Golden, ≤ Apriso 2018 SP4+4 more2023-04-21
CVE-2023-2141 [HIGH] CWE-502 CVE-2023-2141: An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
nvd
CVE-2024-3301P3HIGHCVSS 8.5≥ Release 2019 Golden, ≤ Release 2019 SP5≥ Release 2020 Golden, ≤ Release 2020 SP4+4 more2024-05-30
CVE-2024-3301 [HIGH] CWE-502 CVE-2024-3301: An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 20
An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to post-authentication remote code execution.
nvd
CVE-2023-2140P3HIGHCVSS 7.5≥ Apriso 2017 Golden, ≤ Apriso 2017 SP7≥ Apriso 2018 Golden, ≤ Apriso 2018 SP4+4 more2023-04-21
CVE-2023-2140 [HIGH] CWE-918 CVE-2023-2140: A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 co
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022
could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.
nvd
CVE-2024-0935P3HIGHCVSS 7.5≥ Apriso 2019 Golden, ≤ Apriso 2019 SP5≥ Apriso 2020 Golden, ≤ Apriso 2020 SP4+4 more2024-02-01
CVE-2024-0935 [HIGH] CWE-532 CVE-2024-0935: Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release
Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024
nvd
CVE-2023-2139P4MEDIUMCVSS 6.1≥ Apriso 2017 Golden, ≤ Apriso 2017 SP7≥ Apriso 2018 Golden, ≤ Apriso 2018 SP4+4 more2023-04-21
CVE-2023-2139 [MEDIUM] CWE-79 CVE-2023-2139: A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.
nvd