Patch Now! Attacks on DELMIA Apriso Observed
Manufacturing management tool DELMIA Apriso is currently a focus for attackers. Security patches have been available for download since the summer of this year.
Attackers are targeting DELMIA Apriso from Dassault Systèmes and, in the worst case, can execute malicious code. Because attacks are ongoing, administrators should act quickly.
DELMIA Apriso functions as manufacturing operations management (MOM) software and a manufacturing execution system (MES). It is used to control global production processes, for example, in the automotive sector in Germany.
The Dangers
The US cybersecurity authority, the Cybersecurity & Infrastructure Security Agency (CISA), is warning about these attacks in a post. The extent of the attacks is currently unclear. In August of this year, the developers published warnings about two vulnerabilities (CVE-2025-6204, rated “high”, and CVE-2025-6205, rated “critical”).
According to them, various versions from releases 2020 to 2025 are affected. Unfortunately, the version number of the patched release is not evident from the advisories. It is visible in an area accessible only to customers.
If attackers successfully exploit the vulnerabilities, they can gain higher privileges or even execute malicious code to compromise systems. How the current attacks proceed is not yet known.
Most recently, in September of this year, the developers closed a “critical” security vulnerability in the manufacturing management tool that attackers had exploited.
(des)