CVE-2025-5086
Published Jun 2, 2025
Last updated 7 days ago
AI description
CVE-2025-5086 is a deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025. Exploitation of this vulnerability could lead to remote code execution. Specifically, the vulnerability exists because the application does not properly validate data during the deserialization process. An attacker could potentially execute arbitrary code remotely without requiring user interaction, leading to a full system compromise, unauthorized code execution, potential data theft or manipulation, or complete system availability disruption.
- Description
- A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
- Source
- 3DS.Information-Security@3ds.com
- NVD status
- Modified
- Products
- delmia_apriso
CVSS 3.1
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability
- Exploit added on
- Sep 11, 2025
- Exploit action due
- Oct 2, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 3DS.Information-Security@3ds.com
- CWE-502
- Hype score
- Not currently trending
#VulnerabilityReport #CVE20255086 CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild https://t.co/QZCALj4ma0
@Komodosec
11 Oct 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Industrial Vulnerability – CVE-2025-5086 A CVSS 9.0 flaw in Dassault Systèmes DELMIA Apriso MOM is under active exploitation. 🛡️ Patch now (CISA deadline: Oct 2, 2025). 👉 Details, IOCs & mitigations: https://t.co/NSYPt7gW8k
@vulert_official
29 Sept 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-5086: A Critical (CVSS 9.0) deserialization flaw in Dassault Systèmes DELMIA Apriso (2020–2025) is being actively exploited, allowing remote code execution. 🛡️ Mitigation: Apply vendor patches, validate deserialized data, or discontinue usage if no fix is av
@NightfallCVE
25 Sept 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We dug into DELMIA Apriso & found more than we expected. A deserialization flaw (CVE-2025-5086) let us turn a SOAP request into full RCE. Our blog breaks down: - how we traced the vulnerable code path - how we crafted the payload - why it impacts Apriso 2020–2025 Patch AS
@pdiscoveryio
24 Sept 2025
2728 Impressions
4 Retweets
29 Likes
17 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-23 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10800 — weakness has been identified News: SolarWinds releases third patch to fix… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
23 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Une vulnérabilité critique, identifiée comme CVE-2025-5086, a été découverte dans DELMIA Apriso et est actuellement exploitée activement. L'Agence de cybersécurité et de sécurité des infrastructures (CISA) a publié un avertissement incitant les utilisateurs à appliqu
@Sh3lmiYotr
22 Sept 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-22 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: No NVD News: Microsoft says recent updates cause DRM… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
22 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-21 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: No NVD News: Canada dismantles TradeOgre exchange, seizes $40… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
21 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-20 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10712 — vulnerability was found in News: Microsoft starts rolling out Gaming Copilot… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
20 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5086 Dassault Systèmes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote code execution.
@ZeroDayFacts
20 Sept 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CISA has identified a critical vulnerability, CVE-2025-5086, in DELMIA Apriso software, which could lead to remote code execution. This flaw affects all versions from 2020 to 2025. Read more: https://t.co/mfZSI0D5KW https://t.co/HWc0mSfOJW
@sctocs25
19 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-19 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2022-50375 — In the Linux kernel News: Steam will stop running on Windows… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
19 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5086 has recently been classified as a CISA Known Exploited Vulnerability called "Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability". Know more about it: https://t.co/zrXPFhHGh7 #KEV #CVE #VulnerabilityManagement #CISO https://t.co/jTJh2
@attaxion
19 Sept 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of Critical Remote Code Execution Flaw in Dassault’s DELMIA Apriso! A serious RCE vulnerability (CVE-2025-5086) in Dassault’s DELMIA Apriso is being actively exploited. Used in manufacturing ops including production scheduling, resource allocation, warehouse http
@ChbibAnas
18 Sept 2025
14 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-18 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10593 — vulnerability was detected in News: Notepad gets free AI features on… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
18 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ثغـ ـرة خطـ ـيرة CVE-2025-5086 في برنامج DELMIA Apriso تتعرض لهـ ـجمات نشطة التفاصيل.. https://t.co/Cnhk4ikPtE #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/OMLIjfe9pr
@ccforrs
18 Sept 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-17 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2024-12796 — Improper Neutralization of Input News: Microsoft and Cloudflare disrupt massive RaccoonO365… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
17 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-16 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2022-50234 — In the Linux kernel News: Jaguar Land Rover extends shutdown after… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
16 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-15 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10400 — security vulnerability has been News: Microsoft fixes Windows 11 audio issues… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
15 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🇺🇸 CISA advierte sobre vulnerabilidad de Dassault RCE explotada activamente ⚠️ CVE-2025-5086 https://t.co/X5UQsAE5dd https://t.co/2SuqCVFXEZ
@elhackernet
15 Sept 2025
3506 Impressions
8 Retweets
35 Likes
8 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/LXra4y5uOa #CyberSecurity #Vulnerabilities #CSCIS
@CIDC_Ops
15 Sept 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/34GoDkzpNK via @TheHackersNews
@jackgoesvirtual
14 Sept 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-14 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10366 — flaw has been found News: New HybridPetya ransomware can bypass UEFI… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
14 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ransomware Alert: CVE-2025-5086 in Dassault DELMIA Apriso. This deserialization flaw is being actively targeted by ransomware operators. Read the full report now: https://t.co/J3HdTWnqsK https://t.co/md1VtvZHVX
@Iambivash007
14 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
仏ダッソー・システムズの製造管理ソフト「DELMIA Apriso」に深刻な脆弱性(CVE-2025-5086)が確認され、米CISAが既に実害を伴う攻撃を警告した。産業機器とERPをつなぐ中核ソフトでのRCEリスクに注意が必要である
@yousukezan
14 Sept 2025
929 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of Active Dassault RCE Exploit—Patch Now https://t.co/SYCCfnKMtl #CisaSecurityAlert #cve-2025-5086 #RemoteCodeExecution
@wizconsults
13 Sept 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE ALERT ⚡🛠️ CVE-2025-5086 — Critical Dassault RCE flaw 🐞 • Deserialization bug allows remote code execution 🚨 • Affects all DELMIA Apriso 2020–2025 users 🏭 • Action: Patch immediately or apply mitigations 🔒 Manufacturing ops are at risk—mov
@Newtalics
13 Sept 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-13 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10364 — Evertz SDVN 3080ipx-10G is News: New HybridPetya ransomware can bypass UEFI… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
13 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5086 : CISA warns of actively exploited Dassault RCE vulnerability https://t.co/8pIKNdXekY
@freedomhack101
13 Sept 2025
113 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨 Critical CVE-2025-5086 in DELMIA Apriso is being ACTIVELY EXPLOITED! CISA issues an urgent warning. Patch NOW! #Cybersecurity #CVE https://t.co/uFpih32Kn6
@xcybersecnews
13 Sept 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-5086: Falha crítica no DELMIA Apriso da Dassault permite execução remota de código. CISA confirma exploração ativa. Atualize já! https://t.co/QqONE3r1Xw #Cibersegurança #CVE #TecNewsThiago
@tecnewsthiago
13 Sept 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning Sep 12, 2025 https://t.co/tSo3btlwLA
@tdatwja
13 Sept 2025
186 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA adds DELMIA Apriso flaw ⚡ A critical bug (CVE-2025-5086, CVSS 9.0) in Dassault Systèmes DELMIA Apriso is now in CISA’s KEV list 🛑. Allows unauthenticated code execution → urgent patching required across industries 🏭. ❗ Federal & private orgs must r
@MarcelVelica
13 Sept 2025
174 Impressions
3 Retweets
9 Likes
0 Bookmarks
7 Replies
0 Quotes
🚨 @CISACyber alert: Active exploitation of CVE-2025-5086 (RCE in Dassault DELMIA Apriso). ⚡ Used in aerospace, auto, & industrial sectors ⚡ Exploit = malicious SOAP requests loading .NET payloads ⚡ Agencies must patch/mitigate by Oct 2 Stay cautious. Follow @TechNadu
@TechNadu
13 Sept 2025
98 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
The agency added the vulnerability, tracked as CVE-2025-5086 and rated with a critical severity score (CVSS v3: 9.0), to the Known Exploited Vulnerabilities (KEV). #cybersecurity https://t.co/SMkWZ7l8fZ
@cybertzar
13 Sept 2025
80 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-5086 DELMIA Aprisoの脆弱性を悪用する攻撃が確認され警告 https://t.co/QEJWBC1rcy #Security #セキュリティ #ニュース
@SecureShield_
13 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Manufacturing Software at Risk from CVE-2025-5086 Exploit - https://t.co/lKo58QaSkU #CVE20255086, #DELMIAApriso, #DassaultSystemes, #cybersecurity, #ICSsecurity, #OTsecurity, #manufacturing, #industrialcontrol, #supplychain, #criticalinfrastructure, #patchnow, #infosec,
@Mag212News
13 Sept 2025
91 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/bfU7c5td2a #CyberSecurity
@EpicPlain
12 Sept 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical CVE-2025-5086 in DELMIA Apriso • Deserialization flaw enables remote code execution • Actively exploited in manufacturing systems 🛡️ Get 3 private pentest bids now at https://t.co/4ZmseOiu9a. Protect your organization today! 🔗https://t.co/w1ttD6ydpM http
@PenTestBids
12 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA reports active exploitation of CVE-2025-5086, a critical RCE vulnerability in Dassault Systèmes' DELMIA Apriso (2020-2025). Malicious SOAP requests deliver compressed .NET payloads. #CVE2025 #IndustrialSecurity #USA https://t.co/ELAj9qDfCN
@TweetThreatNews
12 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New KEV Alert: @CISACyber adds CVE-2025-5086 (Dassault DELMIA Apriso flaw) to its catalog of actively exploited vulnerabilities. ⚠️ Feds must patch under BOD 22-01—but all orgs are urged to remediate quickly. Do KEVs get your top priority? Follow @Technadu for update
@TechNadu
12 Sept 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 flaw in DELMIA Apriso (2020-2025) enables remote code execution via deserialization. Active attacks bypass detection tools. Patches released for urgent deployment. #IndustrialSecurity #RemoteCodeExec #USA https://t.co/PALs4xXgvW
@TweetThreatNews
12 Sept 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical DELMIA Apriso RCE Flaw CVE-2025-5086 Under Attack, CISA Alerts #CVE20255086 #DELMIAApriso #CISAWarning #CyberSecurity #RCE #KEV #Malware #Zapchast #DataBreach #PatchNow #Infosec #ThreatIntel #ManufacturingSecurity https://t.co/ir8vva8iOP
@cyashadotcom
12 Sept 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-12 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10193 — DNS rebinding vulnerability in News: Man gets over 4 years in… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
12 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of critical, actively exploited CVE-2025-5086 (CVSS 9.0) in DELMIA Apriso MOM software! Urgent patching required. ⚠️ https://t.co/EkzyAOGb9G #CVE20255086 #DELMIAApriso #CISA #Cybersecurity #Vulnerability
@0xT3chn0m4nc3r
12 Sept 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أضافت وكالة الأمن السيبراني والبنية التحتية الأمريكية (CISA) ثغرة أمنية حرجة في برنامج DELMIA Apriso إلى قائمة الثغرات المعروفة التي يتم استغلالها. الثغرة، ال
@Cybercachear
12 Sept 2025
59 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
The Hacker News - Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/lWavdsGznR
@buzz_sec
12 Sept 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 𝐂𝐈𝐒𝐀 𝐔𝐫𝐠𝐞𝐬 𝐈𝐦𝐦𝐞𝐝𝐢𝐚𝐭𝐞 𝐏𝐚𝐭𝐜𝐡𝐢𝐧𝐠: 𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐃𝐚𝐬𝐬𝐚𝐮𝐥𝐭 𝐒𝐲𝐬𝐭è𝐦𝐞𝐬 𝐅𝐥𝐚𝐰 (𝐂𝐕𝐄-𝟐𝟎𝟐𝟓-𝟓𝟎𝟖𝟔)
@PurpleOps_io
12 Sept 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Check out our latest blog post: CISA alerts over CVE-2025-5086 in DELMIA Apriso. Learn how to patch and protect against active exploits targeting critical industrial systems. Read it here → https://t.co/QSI6v5HHri Let us know your thoughts!
@PurpleOps_io
12 Sept 2025
70 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Dassault Systèmes DELMIA Apriso vulnerability CVE-2025-5086 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwapzIN & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/XTC37syxc6
@CISACyber
11 Sept 2025
7969 Impressions
7 Retweets
21 Likes
2 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:3ds:delmia_apriso:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "809F8ACE-5686-4178-ACF7-D6968035FCF5",
"versionEndIncluding": "2025",
"versionStartIncluding": "2020"
}
],
"operator": "OR"
}
]
}
]