Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

DELMIA Apriso patch release for CVE-2025-6204 and CVE-2025-6205

Security Patch Release
First reported
Last updated
Happening score
H score 52
1 unique sources, 1 articles

Summary

Hide ▲

Dassault Systèmes released patches and barebone advisories for DELMIA Apriso vulnerabilities CVE-2025-6204 and CVE-2025-6205, covering releases 2020 through 2025 and addressing flaws that can enable arbitrary code execution and privileged access. The update landed on August 4. The patched issues were later tied to known exploitation in the wild.

Related Happenings

Pretalx version 2026.1.0 security update for CVE-2026-41241

Security Patch Release
First: 27.05.2026 17:30 Last: 27.05.2026 17:30 Sources 1

About this happening: **Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...

Open Happening

Drupal core security update for CVE-2026-9082

Security Patch Release
First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

Microsoft security patch release for CVE-2026-41089

Security Patch Release
First: 13.05.2026 00:46 Last: 13.05.2026 00:46 Sources 1

About this happening: **Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

PackageKit 1.3.5 security update (CVE-2026-41651)

Security Patch Release
First: 24.04.2026 20:28 Last: 24.04.2026 20:28 Sources 1

About this happening: **PackageKit version 1.3.5** was released to fix **CVE-2026-41651**, closing a **local privilege-escalation** path that could let Linux users gain **root permissions**. The update...

Open Happening

Timeline

  1. 29.10.2025 10:24 2 articles · 7mo ago

    Dassault Systèmes patches DELMIA Apriso CVE-2025-6204 and CVE-2025-6205

    Mitigation Patch Update

    Dassault Systèmes released patches and barebone advisories for DELMIA Apriso CVE-2025-6204 and CVE-2025-6205, covering releases 2020 through 2025 and addressing a code injection bug and a missing authorization issue.

    Show sources
    Open in new tab
  2. 29.10.2025 10:24 1 articles · 7mo ago

    ProjectDiscovery details the DELMIA Apriso privilege escalation chain

    Technical Analysis Update

    ProjectDiscovery published technical details showing that CVE-2025-6204 and CVE-2025-6205 can be chained to create accounts with elevated privileges and then place executable files into a web-served directory in DELMIA Apriso.

    Show sources
    Open in new tab
  3. 29.10.2025 10:24 1 articles · 7mo ago

    CISA adds DELMIA Apriso flaws CVE-2025-6204 and CVE-2025-6205 to KEV

    Initial Disclosure

    CISA warned that DELMIA Apriso CVE-2025-6204 and CVE-2025-6205 had been exploited in the wild and added both flaws to its Known Exploited Vulnerabilities (KEV) list, with federal agencies told to patch within three weeks under Binding Operational Directive (BOD) 22-01.

    Show sources
    Open in new tab