CVE-2026-9695

Dassault Systèmes · DELMIA Apriso

An improper authentication vulnerability in Dassault Systèmes DELMIA Apriso (2020-2026) allows remote, unauthenticated attackers to gain privileged access to the server.

Executive summary

An improper authentication flaw in Dassault Systèmes DELMIA Apriso allows unauthenticated remote attackers to obtain unauthorized administrative access to the platform.

Vulnerability

This is an Improper Authentication (CWE-287) vulnerability. It allows an unauthenticated remote attacker to bypass security controls and gain privileged access to the application server.

Business impact

With a CVSS score of 9.8, this vulnerability poses an extreme risk to business operations. An attacker gaining privileged access can manipulate production workflows, steal sensitive manufacturing data, or disrupt critical industrial processes, leading to severe financial and operational consequences.

Remediation

Immediate Action: Apply the vendor-supplied patches immediately by updating to the latest service pack for your specific DELMIA Apriso release.

Proactive Monitoring: Review application access logs for anomalous login patterns, especially those originating from unexpected IP addresses or occurring outside of business hours.

Compensating Controls: Deploy a Web Application Firewall (WAF) with strict access control lists to block traffic to unauthorized administrative endpoints until the patch can be applied.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability is highly critical and presents a significant risk of full system takeover. Organizations utilizing DELMIA Apriso must prioritize these updates immediately to prevent unauthorized access to their production environments.