Dassault Systèmes
Company Details
Linkedin ID:
dassaultsystemes
Website:
Employees number:
27,261
Number of followers:
955,420
NAICS:
5112
Industry Type:
Homepage:
3ds.com
IP Addresses:
172
Company ID:
DAS_8255362
Scan Status:
Completed
Dassault Systèmes Company CyberSecurity Posture
3ds.com
Dassault Systèmes is a catalyst for human progress. Since 1981, the company has pioneered virtual worlds to improve real life for consumers, patients and citizens. With Dassault Systèmes’ 3DEXPERIENCE platform, 370,000 customers of all sizes, in all industries, can collaborate, imagine and create sustainable innovations that drive meaningful impact. For more information, visit: https://www.3ds.com
Dassault Systèmes A.I CyberSecurity Scoring
Dassault Systèmes Risk Score (AI oriented)Between 800 and 849
Dassault Systèmes
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Dassault Systèmes Global Score (TPRM)XXXX
Dassault Systèmes
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Dassault Systèmes Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Dassault Systèmes
Vulnerability
Rankiteo Explanation
Attack threatening the organization's existence
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about active exploitation of **CVE-2025-5086**, a critical **remote code execution (RCE) vulnerability** in **DELMIA Apriso**, Dassault Systèmes’ Manufacturing Operations Management (MOM) and Execution (MES) solution. The flaw, a **deserialization of untrusted data** issue (CVSS v3: 9.0), affects all versions from **Release 2020 to 2025** and enables attackers to execute arbitrary code via malicious SOAP requests containing a **Base64-encoded, GZIP-compressed .NET executable**.Exploitation attempts were observed by **SANS ISC**, originating from IP **156.244.33[.]162**, likely automated scans. The payload, a Windows executable flagged as malicious, could disrupt **production scheduling, quality management, resource allocation, and warehouse operations**—critical functions in **automotive, aerospace, electronics, and industrial machinery sectors**. CISA mandated federal agencies to patch or discontinue use by **October 2**, urging global private organizations to follow suit. A successful attack could **halt factory operations, compromise process standardization, or disrupt supply chains**, posing severe operational and financial risks to dependent industries.
Dassault Systèmes Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Dassault Systèmes
Incidents vs Software Development Industry Average (This Year)
No incidents recorded for Dassault Systèmes in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Dassault Systèmes in 2025.
Incident Types Dassault Systèmes vs Software Development Industry Avg (This Year)
No incidents recorded for Dassault Systèmes in 2025.
Incident History — Dassault Systèmes (X = Date, Y = Severity)
Dassault Systèmes cyber incidents detection timeline including parent company and subsidiaries
Dassault Systèmes Company Subsidiaries
Dassault Systèmes is a catalyst for human progress. Since 1981, the company has pioneered virtual worlds to improve real life for consumers, patients and citizens. With Dassault Systèmes’ 3DEXPERIENCE platform, 370,000 customers of all sizes, in all industries, can collaborate, imagine and create sustainable innovations that drive meaningful impact. For more information, visit: https://www.3ds.com
Loading...
Dassault Systèmes Similar Companies
Airbnb
Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays, experiences and services that make it p
HubSpot
HubSpot is a leading CRM platform that provides software and support to help businesses grow better. Our platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth. Today, thousands of customers around th
GlobalLogic
GlobalLogic, a Hitachi Group company, is a trusted partner in design, data, and digital engineering for the world’s largest and most innovative companies. Since our inception in 2000, we have been at the forefront of the digital revolution, helping to create some of the most widely used digital prod
Cox Automotive Inc.
Cox Automotive is the world’s largest automotive services and technology provider. Fueled by the largest breadth of first-party data fed by 2.3 billion online interactions a year, Cox Automotive tailors leading solutions for car shoppers, auto manufacturers, dealers, lenders and fleets. The company
Shopee
Shopee is the leading e-commerce platform in Southeast Asia and Taiwan. It is a platform tailored for the region, providing customers with an easy, secure and fast online shopping experience through strong payment and logistical support. Shopee aims to continually enhance its platform and become th
We help those who build the future to make it amazing. In an era where new technologies are born every minute, and the demand for meaningful digital experiences has never been so intense, we unlock our customers’ innovative potential, empowering them to transform their boldest ideas into reality, an
PayPal
We're championing possibilities for all by making money fast, easy, and more enjoyable. Our hope is unlock opportunities for people in their everyday lives and empower the millions of people and businesses around the world who trust, rely, and use PayPal every day. For support, visit the PayPal He
Cisco
Cisco is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities
Databricks is the Data and AI company. More than 10,000 organizations worldwide — including Block, Comcast, Condé Nast, Rivian, Shell and over 60% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to take control of their data and put it to work with AI. Databricks is headquarte
.png)
Dassault Systèmes CyberSecurity News
December 02, 2025 04:35 AM
Cisco Announces Network Security Infrastructure for Agentic AI
SAN DIEGO, June 10, 2025 — Cisco today announced innovations to help enterprises reimagine security for the AI era. Security teams are racing to securely...
December 02, 2025 12:52 AM
Dassault Systèmes and Mistral AI expand sovereign AI services for Europe - CHOSUNBIZ
Dassault Systèmes said on the 2nd that it will expand the provision of sovereign artificial intelligence (AI) services targeting Europe's...
November 26, 2025 02:52 AM
A New Era of Sovereign AI: Dassault Systèmes and Mistral AI Deepen Their Partnership
Mistral AI's “Le Chat Enterprise” AI assistant and “AI Studio” builder platform are now available on Dassault Systèmes' OUTSCALE sovereign...
October 30, 2025 07:00 AM
CISA adds a pair of Dassault Systèmes’ DELMIA Apriso vulnerabilities to KEV catalogue
The US cyber agency warns of active exploitation of flaws that could lead to full application compromise of a popular manufacturing...
October 30, 2025 07:00 AM
Massive Cybersecurity Storm: Ransomware Rampages, Mega-Breach Scare & Global Outages
Global tech outage: A DNS issue at Microsoft disrupted Azure cloud and Microsoft 365 logins worldwide, underscoring the fragility of...
October 29, 2025 07:00 AM
CISA Issues Alert on Active Exploitation of Dassault Systèmes Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding two severe vulnerabilities...
October 29, 2025 07:00 AM
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited...
October 29, 2025 07:00 AM
CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks
CISA has added two critical vulnerabilities affecting Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities catalog,...
October 29, 2025 07:00 AM
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Dassault Systèmes CyberSecurity History Information
Official Website of Dassault Systèmes
The official website of Dassault Systèmes is http://www.3ds.com/.
Dassault Systèmes’s AI-Generated Cybersecurity Score
According to Rankiteo, Dassault Systèmes’s AI-generated cybersecurity score is 805, reflecting their Good security posture.
How many security badges does Dassault Systèmes’ have ?
According to Rankiteo, Dassault Systèmes currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Dassault Systèmes have SOC 2 Type 1 certification ?
According to Rankiteo, Dassault Systèmes is not certified under SOC 2 Type 1.
Does Dassault Systèmes have SOC 2 Type 2 certification ?
According to Rankiteo, Dassault Systèmes does not hold a SOC 2 Type 2 certification.
Does Dassault Systèmes comply with GDPR ?
According to Rankiteo, Dassault Systèmes is not listed as GDPR compliant.
Does Dassault Systèmes have PCI DSS certification ?
According to Rankiteo, Dassault Systèmes does not currently maintain PCI DSS compliance.
Does Dassault Systèmes comply with HIPAA ?
According to Rankiteo, Dassault Systèmes is not compliant with HIPAA regulations.
Does Dassault Systèmes have ISO 27001 certification ?
According to Rankiteo,Dassault Systèmes is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Dassault Systèmes
Dassault Systèmes operates primarily in the Software Development industry.
Number of Employees at Dassault Systèmes
Dassault Systèmes employs approximately 27,261 people worldwide.
Subsidiaries Owned by Dassault Systèmes
Dassault Systèmes presently has no subsidiaries across any sectors.
Dassault Systèmes’s LinkedIn Followers
Dassault Systèmes’s official LinkedIn profile has approximately 955,420 followers.
NAICS Classification of Dassault Systèmes
Dassault Systèmes is classified under the NAICS code 5112, which corresponds to Software Publishers.
Dassault Systèmes’s Presence on Crunchbase
No, Dassault Systèmes does not have a profile on Crunchbase.
Dassault Systèmes’s Presence on LinkedIn
Yes, Dassault Systèmes maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dassaultsystemes.
Cybersecurity Incidents Involving Dassault Systèmes
As of December 11, 2025, Rankiteo reports that Dassault Systèmes has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Dassault Systèmes has an estimated 27,532 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Dassault Systèmes ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.
How does Dassault Systèmes detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with cisa binding operational directive (bod) 22-01, and containment measures with apply security updates, containment measures with mitigate vulnerability, containment measures with discontinue use of delmia apriso if unpatched, and remediation measures with patch management for delmia apriso (releases 2020–2025), and communication strategy with cisa advisory, communication strategy with sans isc disclosure by johannes ullrich, and enhanced monitoring with monitor for malicious soap requests from ip 156.244.33[.]162..
Incident Details
Can you provide details on each incident ?
Title: Critical RCE Vulnerability (CVE-2025-5086) in DELMIA Apriso Exploited by Hackers
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution (RCE) flaw (CVE-2025-5086, CVSS v3: 9.0) in DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution by Dassault Systèmes. The vulnerability, a deserialization of untrusted data issue, allows RCE via malicious SOAP requests containing a Base64-encoded, GZIP-compressed .NET executable. Exploitation attempts were observed originating from IP 156.244.33[.]162, likely linked to automated scans. CISA added the flaw to its Known Exploited Vulnerabilities (KEV) catalog and mandated federal agencies to patch or mitigate by October 2, 2025.
Date Detected: 2025-06-02
Date Publicly Disclosed: 2025-06-02
Type: Vulnerability Exploitation
Attack Vector: NetworkMalicious SOAP RequestsBase64-encoded GZIP-compressed .NET Executable
Vulnerability Exploited: CVE-2025-5086 (Deserialization of Untrusted Data)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Vulnerable SOAP Endpoints in DELMIA Apriso.
Impact of the Incidents
What was the impact of each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Systems Affected: DELMIA Apriso (Releases 2020–2025)
Operational Impact: Potential disruption to manufacturing operationsQuality managementResource allocationWarehouse managementProduction equipment integration
Brand Reputation Impact: Potential reputational damage to Dassault Systèmes and affected enterprises
Which entities were affected by each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Entity Name: Dassault Systèmes
Entity Type: Software Vendor
Industry: Manufacturing Operations Management (MOM), Manufacturing Execution Systems (MES)
Location: France (Global Operations)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Incident Response Plan Activated: ['CISA Binding Operational Directive (BOD) 22-01']
Containment Measures: Apply security updatesMitigate vulnerabilityDiscontinue use of DELMIA Apriso if unpatched
Remediation Measures: Patch management for DELMIA Apriso (Releases 2020–2025)
Communication Strategy: CISA advisorySANS ISC disclosure by Johannes Ullrich
Enhanced Monitoring: Monitor for malicious SOAP requests from IP 156.244.33[.]162
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as CISA Binding Operational Directive (BOD) 22-01, .
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Patch management for DELMIA Apriso (Releases 2020–2025), .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by apply security updates, mitigate vulnerability, discontinue use of delmia apriso if unpatched and .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Regulatory Notifications: CISA KEV Catalog InclusionBOD 22-01 Mandate for Federal Agencies
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Vulnerability Exploitation DAS2092120091225
Recommendations: Patch DELMIA Apriso to the latest version immediately., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Implement network segmentation to isolate MOM/MES systems., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Conduct threat hunting for indicators of compromise (e.g., IP 156.244.33[.]162)., Follow CISA’s KEV catalog for timely vulnerability management.Patch DELMIA Apriso to the latest version immediately., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Implement network segmentation to isolate MOM/MES systems., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Conduct threat hunting for indicators of compromise (e.g., IP 156.244.33[.]162)., Follow CISA’s KEV catalog for timely vulnerability management.Patch DELMIA Apriso to the latest version immediately., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Implement network segmentation to isolate MOM/MES systems., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Conduct threat hunting for indicators of compromise (e.g., IP 156.244.33[.]162)., Follow CISA’s KEV catalog for timely vulnerability management.Patch DELMIA Apriso to the latest version immediately., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Implement network segmentation to isolate MOM/MES systems., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Conduct threat hunting for indicators of compromise (e.g., IP 156.244.33[.]162)., Follow CISA’s KEV catalog for timely vulnerability management.Patch DELMIA Apriso to the latest version immediately., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Implement network segmentation to isolate MOM/MES systems., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Conduct threat hunting for indicators of compromise (e.g., IP 156.244.33[.]162)., Follow CISA’s KEV catalog for timely vulnerability management.Patch DELMIA Apriso to the latest version immediately., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Implement network segmentation to isolate MOM/MES systems., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Conduct threat hunting for indicators of compromise (e.g., IP 156.244.33[.]162)., Follow CISA’s KEV catalog for timely vulnerability management.
References
Where can I find more information about each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Source: CISA Known Exploited Vulnerabilities (KEV) Catalog
Incident : Vulnerability Exploitation DAS2092120091225
Source: SANS Internet Storm Center (ISC) - Johannes Ullrich
Date Accessed: 2025-09-03
Incident : Vulnerability Exploitation DAS2092120091225
Source: Dassault Systèmes Security Advisory
Date Accessed: 2025-06-02
Incident : Vulnerability Exploitation DAS2092120091225
Source: Hybrid Analysis (Malicious Payload Report)
Incident : Vulnerability Exploitation DAS2092120091225
Source: VirusTotal (Payload Analysis)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: CISA Known Exploited Vulnerabilities (KEV) Catalog, and Source: SANS Internet Storm Center (ISC) - Johannes UllrichDate Accessed: 2025-09-03, and Source: Dassault Systèmes Security AdvisoryDate Accessed: 2025-06-02, and Source: Hybrid Analysis (Malicious Payload Report), and Source: VirusTotal (Payload Analysis).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Investigation Status: Ongoing (Exploitation observed; CISA mandate active)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Cisa Advisory and Sans Isc Disclosure By Johannes Ullrich.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Stakeholder Advisories: Cisa Alert For Federal And Private Sector Organizations.
Customer Advisories: Dassault Systèmes Security Bulletin (Limited Details)
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Cisa Alert For Federal And Private Sector Organizations, Dassault Systèmes Security Bulletin (Limited Details) and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Entry Point: Vulnerable Soap Endpoints In Delmia Apriso,
High Value Targets: Manufacturing Operations (Automotive, Aerospace, Electronics, Industrial Machinery),
Data Sold on Dark Web: Manufacturing Operations (Automotive, Aerospace, Electronics, Industrial Machinery),
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Vulnerability Exploitation DAS2092120091225
Root Causes: Deserialization Of Untrusted Data In Delmia Apriso, Lack Of Input Validation For Soap Requests,
Corrective Actions: Patch Vulnerable Versions (2020–2025), Enhance Input Validation Mechanisms, Implement Exploit Mitigation Controls,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Monitor For Malicious Soap Requests From Ip 156.244.33[.]162, .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Patch Vulnerable Versions (2020–2025), Enhance Input Validation Mechanisms, Implement Exploit Mitigation Controls, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-06-02.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-06-02.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was DELMIA Apriso (Releases 2020–2025).
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Apply security updatesMitigate vulnerabilityDiscontinue use of DELMIA Apriso if unpatched.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Implement network segmentation to isolate MOM/MES systems., Follow CISA’s KEV catalog for timely vulnerability management., Deploy WAF rules to block exploitation attempts via SOAP endpoints., Monitor network traffic for malicious SOAP requests targeting DELMIA Apriso endpoints., Patch DELMIA Apriso to the latest version immediately., Conduct threat hunting for indicators of compromise (e.g. and IP 156.244.33[.]162)..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are CISA Known Exploited Vulnerabilities (KEV) Catalog, SANS Internet Storm Center (ISC) - Johannes Ullrich, Dassault Systèmes Security Advisory, VirusTotal (Payload Analysis) and Hybrid Analysis (Malicious Payload Report).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (Exploitation observed; CISA mandate active).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was CISA Alert for Federal and Private Sector Organizations, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Dassault Systèmes Security Bulletin (Limited Details).
Initial Access Broker
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dassaultsystemes' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
