BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

CISA Warns of Active Exploits in DELMIA Apriso, XWiki Flaws

Active Exploitation of Critical Vulnerabilities in Dassault Systèmes DELMIA Apriso and XWiki Enables Remote Code Execution and Cryptocurrency Mining Campaigns

  • Threat actors are exploiting vulnerabilities in Dassault Systèmes DELMIA Apriso and XWiki.
  • CVE-2025-24893 in XWiki enables remote code execution by any guest user.
  • CVE-2025-6204 and CVE-2025-6205 affect DELMIA Apriso versions from 2020 to 2025 and allow code injection and privilege escalation.
  • Exploitation attempts include delivering cryptocurrency miners and disabling competing Malware.
  • Users are urged to apply security updates promptly, with some agencies required to patch by November 18, 2025.

Threat actors are actively exploiting multiple security flaws found in Dassault Systèmes DELMIA Apriso and XWiki, according to alerts from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck. The vulnerabilities allow remote code execution and unauthorized access.

- Advertisement -

Specifically, CVE-2025-6204 is a code injection vulnerability with a CVSS score of 8.0, and CVE-2025-6205 is a missing authorization flaw with a score of 9.1, both impacting DELMIA Apriso releases from 2020 through 2025. These were patched by the vendor in early August. Meanwhile, CVE-2025-24893, rated 9.8, is an eval injection in XWiki allowing any guest user to execute arbitrary code through the “/bin/get/Main/SolrSearch” endpoint.

VulnCheck reported that CVE-2025-24893 is exploited in a two-stage attack delivering cryptocurrency mining malware. The attacker first stages a downloader, which retrieves further payloads including a miner and a tool to remove competing malware like XMRig and Kinsing. The attack traffic originates from an IP address in Vietnam flagged for malicious activity, according to AbuseIPDB.

“We observed multiple exploit attempts against our XWiki canaries coming from an attacker geolocated in Vietnam,” said VulnCheck’s Jacob Baines. “The exploitation proceeds in a two-pass workflow separated by at least 20 minutes: the first pass stages a downloader (writes a file to disk), and the second pass later executes it.”

The vulnerabilities have been added recently to the Known Exploited Vulnerabilities catalog. Active exploitation follows earlier attacks targeting a separate critical flaw in DELMIA Apriso, reported in September. Civilian Executive Branch agencies are required to remediate the DELMIA Apriso flaws by November 18, 2025. Users are advised to apply updates promptly to reduce risk.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Oil Plunges 20% as US-Iran Peace Deal Hangs in Balance

Brent and crude oil prices have fallen nearly 20% in a month after a...

Semiconductors Beat Big Tech, Crypto by 102% in H1

Semiconductor stocks surged 102% in H1 2026, crushing the Magnificent Seven and Bitcoin ...

Crypto Options Skew Hits Record High as Institutional Bid Vanishes

CME futures open interest has dropped to a 32-month low, signaling the institutional bid...

SpaceX Joins Nasdaq-100, Triggering ETF Demand

SpaceX joins the Nasdaq-100 on Tuesday, but its index weight is limited to roughly...

Strategy’s $216M Bitcoin Sale Bolsters BTC and STRC Confidence

Strategy sold 3,588 BTC ($216 million) on Monday to fund preferred stock dividend payments...

Must Read

Top 10 BEST Crypto Trading Books for New Traders

If you're thinking of diving into the crypto trading space, acquiring solid knowledge isn't just recommended - it's essential to protect your investment.Learning...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading