CVE Alert: CVE-2025-5086 – Dassault Systèmes – DELMIA Apriso

CVE-2025-5086

CRITICAL · Exploitation active

A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.

CVSS v3.1 (9)
AV NETWORK · AC HIGH · PR NONE · UI NONE · S CHANGED
Vendor: Dassault Systèmes
Product: DELMIA Apriso
Versions: Release 2020 Golden through Release 2020 SP4 | Release 2021 Golden through Release 2021 SP3 | Release 2022 Golden through Release 2022 SP3 | Release 2023 Golden through Release 2023 SP3 | Release 2024 Golden through Release 2024 SP1 | Release 2025 Golden through Release 2025 SP1
CWE: CWE-502 Deserialization of Untrusted Data
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Published: 2025-06-02T17:42:42.620Z
Updated: 2025-09-11T18:28:04.659Z

AI Summary Analysis

Risk verdict

Critical risk with confirmed active exploitation; treat as priority 1 due to remote code execution potential.

Why this matters

Deserialising untrusted data can give an attacker full remote control over the host, enabling deployment of malware, data exfiltration, or lateral movement across the network. In manufacturing environments, this could disrupt production lines, delay supply chain timelines, and expose sensitive process data.

Most likely attack path

The attacker needs only network reach, with no privileges or user interaction required; the attack is rated high complexity but is effectively unauthenticated. A successful exploit changes scope (S:C), meaning the impact extends beyond the vulnerable component itself, compromising confidentiality, integrity and availability across connected systems.

Who is most exposed

Exposure is typically highest in on-premises DELMIA Apriso deployments within manufacturing/OT ecosystems, where production systems are reachable from internal networks or remote admin interfaces. Environments with limited network segmentation or loose firewall constraints are particularly at risk.

Detection ideas

  • Monitor for deserialization payload patterns and anomalous serialized objects hitting Apriso services.
  • Look for unusual process launches or remote command execution attempts from Apriso endpoints.
  • Detect anomalous external connections or scanners targeting Apriso web/services.
  • Inspect logs for unexpected failures or crashes indicative of exploitation attempts.
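As an added illustration of the first detection idea above (this code is not from the advisory or from Dassault Systèmes), the following Python scans web-access log lines for base64-encoded blobs whose decoded bytes begin with the stream header of a common object serializer. The advisory does not state which serializer DELMIA Apriso uses, so the signatures (.NET BinaryFormatter and Java object streams), the `/apriso/...` paths and the log format are assumptions, and the sample log lines are constructed; treat hits as triage leads to correlate with process-launch and crash telemetry, not as proof of exploitation.

```python
import base64
import re
from urllib.parse import quote, unquote

# Stream headers of common serialized-object formats. These are general facts about
# the formats, not Apriso-specific; which serializer Apriso uses is an assumption here.
SERIALIZED_MAGIC = {
    "dotnet-binaryformatter": b"\x00\x01\x00\x00\x00\xff\xff\xff\xff",
    "java-serialized": b"\xac\xed\x00\x05",
}

# A run of at least 24 base64 characters, optionally padded, that is not glued onto a
# preceding base64 character (so "state=<blob>" yields the blob, not "state").
B64_RE = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{24,}={0,2}")


def decode_candidates(text):
    """Yield (token, decoded_bytes) for every base64-looking run that decodes cleanly."""
    for match in B64_RE.finditer(text):
        token = match.group(0)
        padded = token + "=" * (-len(token) % 4)
        try:
            yield token, base64.b64decode(padded, validate=True)
        except (ValueError, base64.binascii.Error):
            continue


def classify_blob(raw):
    """Return the serializer name whose header the bytes start with, else None."""
    for name, magic in SERIALIZED_MAGIC.items():
        if raw.startswith(magic):
            return name
    return None


def scan_log_lines(lines):
    """Flag log lines carrying a base64 blob that decodes to a serialized object stream."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        # Percent-decode first so URL-encoded blobs in query strings are inspected too.
        # unquote (not unquote_plus) keeps a literal '+' inside raw base64 intact.
        for token, raw in decode_candidates(unquote(line)):
            kind = classify_blob(raw)
            if kind:
                findings.append({"line": lineno, "format": kind, "token_prefix": token[:16]})
    return findings


# --- constructed sample data (not real traffic) ---------------------------------------
_dotnet_b64 = base64.b64encode(
    SERIALIZED_MAGIC["dotnet-binaryformatter"] + b"\x01" + b"\x00" * 7 + b"\x0c\x02\x00\x00\x00"
).decode()
_java_b64 = base64.b64encode(
    SERIALIZED_MAGIC["java-serialized"] + b"sr\x00\x11java.util.HashMap"
).decode()
_benign_b64 = base64.b64encode(b"plain session cookie value, nothing serialized").decode()

SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jul/2025:10:00:01 +0000] "GET /apriso/health HTTP/1.1" 200 12',
    f'10.0.0.9 - - [01/Jul/2025:10:00:02 +0000] "POST /apriso/service HTTP/1.1" 500 0 body="{_dotnet_b64}"',
    f'10.0.0.9 - - [01/Jul/2025:10:00:03 +0000] "GET /apriso/view?state={quote(_java_b64, safe="")} HTTP/1.1" 200 874',
    f'10.0.0.7 - - [01/Jul/2025:10:00:04 +0000] "POST /apriso/login HTTP/1.1" 200 33 body="{_benign_b64}"',
]

if __name__ == "__main__":
    for hit in scan_log_lines(SAMPLE_LOG):
        print(f"line {hit['line']}: {hit['format']} stream header in blob {hit['token_prefix']}...")
```

Run against the constructed sample, lines 2 (raw base64 in a POST body) and 3 (URL-encoded blob in a query string) are flagged while the benign session value on line 4 is not; the lookbehind in the regex and the percent-decoding step are what keep the encoded query-string case from being missed.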

Mitigation and prioritisation

  • Apply the vendor patch or upgrade to a fixed release later than the affected ranges listed above (which run through SP4 for Release 2020, SP3 for Releases 2021 to 2023, and SP1 for Releases 2024 and 2025); schedule the patch window as a priority.
  • Enforce network segmentation around Apriso endpoints; restrict inbound/outbound to trusted hosts only.
  • Enable WAF/IPS rules and monitor for suspicious deserialization activity.
  • Disable or harden deserialization pathways where feasible; enforce strict input validation.
  • Change-management note: coordinate downtime for the upgrade and verify backout and rollback plans. While exploitation remains active or a CISA KEV listing is confirmed, sustain priority 1 monitoring and response.
