CVE-2026-9695
Dassault Systèmes · DELMIA Apriso
An improper authentication vulnerability in Dassault Systèmes DELMIA Apriso (2020-2026) allows remote, unauthenticated attackers to gain privileged access to the server.
Executive summary
An improper authentication flaw in Dassault Systèmes DELMIA Apriso allows unauthenticated remote attackers to obtain unauthorized administrative access to the platform.
Vulnerability
This is an Improper Authentication (CWE-287) vulnerability. It allows an unauthenticated remote attacker to bypass security controls and gain privileged access to the application server.
Business impact
With a CVSS score of 9.8, this vulnerability poses an extreme risk to business operations. An attacker gaining privileged access can manipulate production workflows, steal sensitive manufacturing data, or disrupt critical industrial processes, leading to severe financial and operational consequences.
Remediation
Immediate Action: Apply the vendor-supplied patches immediately by updating to the latest service pack for your specific DELMIA Apriso release.
Proactive Monitoring: Review application access logs for anomalous login patterns, especially those originating from unexpected IP addresses or occurring outside of business hours.
Compensating Controls: Deploy a Web Application Firewall (WAF) with strict access control lists to block traffic to unauthorized administrative endpoints until the patch can be applied.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability is highly critical and presents a significant risk of full system takeover. Organizations utilizing DELMIA Apriso must prioritize these updates immediately to prevent unauthorized access to their production environments.