This week highlights enhancements to detection signatures improving coverage for vulnerabilities in DELMIA Apriso, linked to CVE-2025-6205.
Key Findings
This vulnerability allows unauthenticated attackers to gain privileged access to the application. The latest update provides enhanced detection logic for resilient protection against exploitation attempts.
Impact
- DELMIA Apriso (CVE-2025-6205): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application’s message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | ec1e2aa190e64e7cb468e16dd256f4bc | N/A | DELMIA Apriso – Auth Bypass – CVE:CVE-2025-6205 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | fae6fa37ae9249d58628e54b1a3e521e | N/A | PHP Wrapper Injection – Body | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
| Cloudflare Managed Ruleset | 9c02e585db34440da620eb668f76bd74 | N/A | PHP Wrapper Injection – URI | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
Source: Cloudflare
Latest Posts
- Dynamics 365 Customer Service- Estimate AI credits for agents from forecasted demand [MC1307183]
- Microsoft Power Automate – Automate administrator-level desktop applications in unattended runs [MC1307177]
- Microsoft Dataverse – Create Dataverse agent users with Microsoft Entra agent identity [MC1307182]
- GCP Release Notes: May 08, 2026
