CVE-2025-6204 is a vulnerability classified under CWE-94, indicating improper control of code generation, commonly known as code injection. It affects Dassault Systèmes DELMIA Apriso software from Release 2020 Golden through Release 2025 Golden. The vulnerability allows an attacker to inject and execute arbitrary code within the context of the affected application. The CVSS 3.1 base score is 8.0, reflecting a high severity level. The vector string (AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H) indicates that the attack is network-based (AV:N), requires high attack complexity (AC:H), and high privileges (PR:H), with no user interaction (UI:N). The scope is changed (S:C), meaning the vulnerability affects components beyond the initially vulnerable component. The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), meaning an attacker could fully compromise the system. Although no public exploits are known at this time, the vulnerability poses a significant risk due to the critical nature of DELMIA Apriso in manufacturing execution and operations management. The lack of available patches at the time of publication necessitates immediate risk mitigation through access restrictions and monitoring. The vulnerability could be exploited remotely by an authenticated attacker with elevated privileges, potentially leading to full system compromise, data theft, or disruption of manufacturing processes.

The impact of CVE-2025-6204 is substantial for organizations relying on DELMIA Apriso for manufacturing execution and operations management. Successful exploitation could lead to arbitrary code execution, allowing attackers to gain control over critical industrial systems. This can result in theft or manipulation of sensitive operational data, disruption of manufacturing workflows, and potential downtime affecting production lines. The compromise of system integrity and availability could have cascading effects on supply chains and operational continuity. Given the high privileges required, insider threats or compromised administrative accounts pose a significant risk. The vulnerability's network accessibility increases the attack surface, especially in environments where DELMIA Apriso is exposed to broader networks or insufficiently segmented. The absence of known exploits currently provides a window for proactive defense, but the critical nature of the affected systems demands urgent attention to prevent potential targeted attacks.

1. Restrict network access to DELMIA Apriso systems by implementing strict firewall rules and network segmentation to limit exposure to trusted administrators only. 2. Enforce the principle of least privilege by reviewing and minimizing user privileges, especially administrative accounts, to reduce the risk of exploitation. 3. Monitor system and network logs for unusual activities indicative of code injection attempts or unauthorized access. 4. Implement multi-factor authentication (MFA) for all privileged accounts to mitigate the risk of credential compromise. 5. Prepare for patch deployment by coordinating with Dassault Systèmes for updates as soon as they become available; prioritize testing and rapid application of patches. 6. Conduct regular security assessments and penetration testing focused on DELMIA Apriso environments to identify and remediate potential weaknesses. 7. Educate operational technology (OT) and IT teams about this vulnerability and ensure incident response plans include scenarios involving code injection attacks on industrial systems. 8. Consider deploying application whitelisting and runtime application self-protection (RASP) technologies where feasible to detect and block unauthorized code execution.