Cybersecurity alerts report active exploitation of vulnerabilities in Dassault Systèmes DELMIA Apriso and XWiki, with attackers deploying malware through two-stage attack chains. Organizations are urged to update their systems promptly to guard against hacking and cryptocurrency-mining threats. #DassaultSystèmes #XWiki #CISA #VulnCheck
Key points
- Multiple security flaws in Dassault Systèmes DELMIA Apriso and XWiki are being actively exploited by threat actors.
- The vulnerabilities CVE-2025-6204 and CVE-2025-6205 affect DELMIA Apriso versions from 2020 to 2025 and were patched in August.
- CVE-2025-24893 in XWiki enables arbitrary remote code execution by guest users and is being weaponized in real-world attacks.
- Exploit attempts originate from IPs in Vietnam and are part of a two-stage attack chain delivering cryptocurrency miners.
- Organizations, especially civil agencies in the U.S., are advised to apply updates by November 18, 2025, to prevent exploitation.
Read More: https://thehackernews.com/2025/10/active-exploits-hit-dassault-and-xwiki.html