Back to overview

CVE-2026-9695

CRITICAL
9.8
CVSS 3.1
Description
An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server.

Metadata

CVE ID
CVE-2026-9695
State
PUBLISHED
Assigner
3DS
Reserved
2026-05-27 11:13 UTC
Published
2026-07-08 05:58 UTC
Last updated
2026-07-08 13:46 UTC
Primary CWE
CWE-287
CWE-287 Improper Authentication
Vendor / Product
Dassault Systèmes / DELMIA Apriso
Sources
cve.org  ·  NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
yes
Tech. Impact
total
Affected products (1)
VendorProductPlatformVersions
Dassault Systèmes DELMIA Apriso Release 2020 Golden ≤ Release 2020 SP4, Release 2021 Golden ≤ Release 2021 SP3, Release 2022 Golden ≤ Release 2022 SP4, Release 2023 Golden ≤ Release 2023 SP3 …
Weakness (CWE)
CWESourceDescription
CWE-287 cna CWE-287 Improper Authentication
CVSS scores (1)
ScoreSeverityVersionSourceVector
9.8 CRITICAL 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Back to overview