Cybersecurity and Information Warfare

CISA alerts on active exploitation of critical Dassault vulnerabilities.

The Cybersecurity & Infrastructure Security Agency (CISA) has warned that multiple critical vulnerabilities in Dassault Systemes' DELMIA Apriso, a widely used manufacturing operations management solution, are being actively exploited. Two flaws have been flagged: CVE-2025-6204, a code injection vulnerability that allows arbitrary code execution, and CVE-2025-6205, a missing authorization vulnerability that grants unauthorized privileged access. Both affect DELMIA Apriso from Release 2020 through Release 2025 and were patched by Dassault Systemes in early August 2025.

CISA has urged all IT administrators to prioritize applying these patches, as these vulnerabilities serve as common attack vectors for cybercriminals. The situation is compounded by another critical flaw, CVE-2025-5086, which was previously identified and is also being actively exploited.

The need for organizations to address these vulnerabilities underscores the ongoing challenges in cybersecurity, particularly given the critical role of such software in sectors like automotive and aerospace, where operational integrity and security are paramount. The incident is a reminder of the importance of robust cybersecurity measures in safeguarding sensitive industrial applications against increasingly sophisticated cyber threats.
