This week highlights enhancements to detection signatures improving coverage for vulnerabilities in DELMIA Apriso, linked to CVE-2025-6205.
Key Findings
This vulnerability allows unauthenticated attackers to gain privileged access to the application. The latest update provides enhanced detection logic for resilient protection against exploitation attempts.
Impact
- DELMIA Apriso (CVE-2025-6205): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application’s message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | ec1e2aa190e64e7cb468e16dd256f4bc | N/A | DELMIA Apriso – Auth Bypass – CVE:CVE-2025-6205 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | fae6fa37ae9249d58628e54b1a3e521e | N/A | PHP Wrapper Injection – Body | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
| Cloudflare Managed Ruleset | 9c02e585db34440da620eb668f76bd74 | N/A | PHP Wrapper Injection – URI | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
Source: Cloudflare
Latest Posts
- Dynamics 365 Customer Service – Quality Evaluation Agent for Bulk Case Evaluation [MC1234588]
- (Updated) Microsoft Teams admin center: App centric management for app installation and changes to app setup policies [MC795355]
- (Update)Microsoft 365 and Microsoft Teams: Unified management of Teams apps in Teams, Outlook, and the Microsoft 365 app [MC796790]
- (Updated) Microsoft Purview: Role management update [MC1199765]
