Concise Cyber

CISA Confirms Active Exploits Targeting Critical Dassault and XWiki Flaws

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), together with researchers at VulnCheck, has confirmed that threat actors are actively exploiting multiple critical vulnerabilities in products from Dassault Systèmes and XWiki. The confirmations describe an immediate, ongoing threat to organisations running the affected software and come with official guidance to apply the vendor fixes and other defensive measures without delay.

Dassault DELMIA Apriso Flaws Under Attack

Two significant vulnerabilities in Dassault Systèmes’ DELMIA Apriso manufacturing operations management software are being leveraged in active attacks. The first, CVE-2025-6204, is a code injection vulnerability with a CVSS score of 8.0; according to the advisory it allows an attacker to execute arbitrary code on a targeted system. The second, CVE-2025-6205, is a more severe missing authorization vulnerability with a CVSS score of 9.1; exploiting it allows an attacker to gain privileged access to the application. The identified vulnerabilities affect DELMIA Apriso versions from Release 2020 through Release 202…

Critical 9.8 CVSS XWiki Vulnerability Exploited

A critical remote code execution (RCE) vulnerability in the open-source XWiki platform is also confirmed to be under active exploitation. Tracked as CVE-2025-24893, it carries a CVSS score of 9.8. The weakness is improper neutralization of directives in dynamically evaluated code, commonly called an “eval injection” (CWE-95). It allows any unauthenticated guest user to achieve arbitrary remote code execution by sending a specially crafted request to the “/bin/get/Main/SolrSearch” endpoint; the published proof of concept is a single HTTP GET request, so attempts against an instance are normally visible in its web-server access logs. Active exploitation of a flaw this easy to reach makes every publicly accessible XWiki instance that has not been patched an immediate target.
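The following scanner is an added example, not code from Concise Cyber, CISA, VulnCheck or the XWiki project. It reads access-log lines in the common Apache/Nginx combined format and flags requests to the SolrSearch endpoint the article names whose URL-decoded query string carries XWiki wiki-macro syntax. The macro names it looks for ({{groovy}}, {{async ...}}, the “}}}” that closes the macro the search text lands in) follow the payload shape in XWiki’s public advisory and are an assumption about what an attempt looks like, not a complete signature; the log lines are constructed for the example and use RFC 5737 test addresses.

```python
"""Scan web-server access logs for requests shaped like CVE-2025-24893 probes.

Added example, not code from the article, CISA, VulnCheck or the XWiki project.
The endpoint is the one the article names; the macro syntax checked for
({{groovy}}, {{async ...}}, the "}}}" that closes the surrounding macro) follows
the payload shape in XWiki's public advisory and is an assumption about what
an attack looks like, not a complete signature.
"""
import re
from urllib.parse import unquote_plus, urlsplit

SOLR_SEARCH_PATH = "/bin/get/Main/SolrSearch"

# Wiki macros a guest's search request has no business carrying. groovy,
# python and velocity run scripts; async is what the public proof of concept
# wraps them in; "}}}" breaks out of the macro the search text is placed in.
MACRO_RE = re.compile(
    r"\{\{\s*(groovy|python|velocity|async|include|display)\b|\}\}\}",
    re.IGNORECASE,
)

# Apache/Nginx combined log format (only the fields used here are captured).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def inspect_request(target):
    """Classify one request target (path plus query string).

    Returns (suspicious, reason). Only SolrSearch requests are examined; the
    query is URL-decoded twice so a double-encoded payload is not missed.
    """
    parts = urlsplit(target)
    if not parts.path.endswith(SOLR_SEARCH_PATH):
        return False, "not the SolrSearch endpoint"
    decoded = unquote_plus(unquote_plus(parts.query))
    match = MACRO_RE.search(decoded)
    if match:
        return True, "macro syntax %r in SolrSearch query" % match.group(0)
    return False, "SolrSearch request without macro syntax"


def scan_log(lines):
    """Return a list of hits for lines whose request looks like an attempt."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in combined log format; skip rather than guess
        suspicious, reason = inspect_request(m.group("target"))
        if suspicious:
            hits.append({
                "ip": m.group("ip"),
                "time": m.group("time"),
                "status": int(m.group("status")),
                "target": m.group("target"),
                "reason": reason,
            })
    return hits


# Constructed sample log lines (RFC 5737 test addresses), not real traffic.
SAMPLE_LOG = [
    # Ordinary RSS search for "release notes": must not be flagged.
    '203.0.113.10 - - [30/Oct/2025:10:01:02 +0000] "GET /xwiki/bin/get/Main/SolrSearch'
    '?media=rss&text=release+notes HTTP/1.1" 200 4821',
    # Shape of the public proof of concept: close the macro, open async+groovy.
    '198.51.100.7 - - [30/Oct/2025:10:01:09 +0000] "GET /xwiki/bin/get/Main/SolrSearch'
    '?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7D'
    '1%2B1%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D HTTP/1.1" 200 912',
    # Same idea, double URL-encoded to slip past a naive string match.
    '198.51.100.7 - - [30/Oct/2025:10:01:15 +0000] "GET /xwiki/bin/get/Main/SolrSearch'
    '?text=%257B%257Bgroovy%257D%257D HTTP/1.1" 200 903',
    # Macro syntax aimed at a different page: not this vulnerability's entry point.
    '203.0.113.11 - - [30/Oct/2025:10:02:00 +0000] "GET /xwiki/bin/view/Main/WebHome'
    '?x=%7B%7Bgroovy%7D%7D HTTP/1.1" 200 1200',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["time"], hit["ip"], hit["status"], hit["reason"])
```

Two caveats when using something like this for real: it only sees what the access log records, so a payload sent in a POST body or a header needs request-body logging or a WAF in front of the instance, and a 200 status on a flagged line does not by itself prove the instance was vulnerable. Treat hits as a trigger to check the host, not as a verdict, and remember that detection is no substitute for moving to the fixed versions listed in XWiki’s advisory for CVE-2025-24893 (15.10.11, 16.4.1 and 16.5.0RC1).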

CISA has added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on the basis of evidence of active exploitation. A KEV listing obliges U.S. federal civilian agencies to remediate by a set due date under Binding Operational Directive 22-01, and it is an equally clear signal for everyone else: administrators should prioritise patching and mitigation according to the vendor advisories to protect their networks from these ongoing attacks.

All articles are written here with the help of AI on the basis of openly available information which cannot be independently verified. We do strive to quote the relevant sources. The intent is only to summarise what is already reported in public forums in our own words with no intention to plagiarise or copy other persons’ work. The publisher has no intent to defame or cause offence to anyone, any person or any organisation at any moment. The publisher assumes no responsibility for any damage or loss caused by making decisions on the basis of whatever is published on cyberconcise.com. You’re advised to do your own checks and balances before making any decision, and owners and publishers at cyberconcise.com cannot be held accountable for its resulting ramifications. If you have any objections, concerns or point out anything factually incorrect, please reach out using the form on https://concisecyber.com/about/