Improper Control of Generation of Code (Code Injection) vulnerability affecting...

8 / 10

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Description

An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.

Basic Information

ID CVE-2025-6204

Source 3DS

Published Aug 4, 2025 at 09:14

Modified Aug 4, 2025 at 15:50

Affected Product

Vendor Dassault Systèmes

Product DELMIA Apriso

Version Release 2020 Golden

Affected Versions Dassault Systèmes DELMIA Apriso Release 2020 Golden
Dassault Systèmes DELMIA Apriso Release 2021 Golden
Dassault Systèmes DELMIA Apriso Release 2022 Golden
Dassault Systèmes DELMIA Apriso Release 2023 Golden
Dassault Systèmes DELMIA Apriso Release 2024 Golden
Dassault Systèmes DELMIA Apriso Release 2025 Golden

CWE Classification

CWE-94

References

www.3ds.com /trust-center/security/security-advisories/cve-2025-6204

{
    "lastseen": "",
    "description": "An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.",
    "published": "2025-08-04T09:14:08.343Z",
    "modified": "2025-08-04T15:50:49.434Z",
    "type": "cve",
    "title": "Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025",
    "source": "3DS",
    "references": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6204",
    "id": "CVE-2025-6204",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Dassault Syst\u00e8mes DELMIA Apriso Release 2020 Golden\nDassault Syst\u00e8mes DELMIA Apriso Release 2021 Golden\nDassault Syst\u00e8mes DELMIA Apriso Release 2022 Golden\nDassault Syst\u00e8mes DELMIA Apriso Release 2023 Golden\nDassault Syst\u00e8mes DELMIA Apriso Release 2024 Golden\nDassault Syst\u00e8mes DELMIA Apriso Release 2025 Golden",
    "sourceHref": "",
    "cvss": {
        "score": 8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DELMIA Apriso",
    "version": "Release 2020 Golden",
    "vendor": "Dassault Syst\u00e8mes",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025_CVE-2025-6204