This week highlights enhancements to detection signatures improving coverage for vulnerabilities in DELMIA Apriso, linked to CVE-2025-6205.
Key Findings
This vulnerability allows unauthenticated attackers to gain privileged access to the application. The latest update provides enhanced detection logic for resilient protection against exploitation attempts.
Impact
- DELMIA Apriso (CVE-2025-6205): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application’s message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | ec1e2aa190e64e7cb468e16dd256f4bc | N/A | DELMIA Apriso – Auth Bypass – CVE:CVE-2025-6205 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | fae6fa37ae9249d58628e54b1a3e521e | N/A | PHP Wrapper Injection – Body | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
| Cloudflare Managed Ruleset | 9c02e585db34440da620eb668f76bd74 | N/A | PHP Wrapper Injection – URI | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
Source: Cloudflare
Latest Posts
- Power Platform admin center – Manage external authentication provider governance [MC1210742]
- Dynamics 365 Contact Center – Debug issues in automatic assignment with enhanced logs [MC1210746]
- Dynamics 365 Contact Center – Debug routing issues with Application Insights dashboard [MC1210743]
- Power Pages – Build modern single-page applications [MC1210747]
