CVE-2025-5086
Published Jun 2, 2025
Last updated 5 months ago
- Description
- A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
- Source
- 3DS.Information-Security@3ds.com
- NVD status
- Analyzed
- Products
- delmia_apriso
CVSS 3.1
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability
- Exploit added on
- Sep 11, 2025
- Exploit action due
- Oct 2, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 3DS.Information-Security@3ds.com
- CWE-502
- Hype score
- Not currently trending
#VulnerabilityReport #CVE20255086 CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild https://t.co/QZCALj4ma0
@Komodosec
11 Oct 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Industrial Vulnerability – CVE-2025-5086 A CVSS 9.0 flaw in Dassault Systèmes DELMIA Apriso MOM is under active exploitation. 🛡️ Patch now (CISA deadline: Oct 2, 2025). 👉 Details, IOCs & mitigations: https://t.co/NSYPt7gW8k
@vulert_official
29 Sept 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-5086: A Critical (CVSS 9.0) deserialization flaw in Dassault Systèmes DELMIA Apriso (2020–2025) is being actively exploited, allowing remote code execution. 🛡️ Mitigation: Apply vendor patches, validate deserialized data, or discontinue usage if no fix is av
@TheExploitLab
25 Sept 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We dug into DELMIA Apriso & found more than we expected. A deserialization flaw (CVE-2025-5086) let us turn a SOAP request into full RCE. Our blog breaks down: - how we traced the vulnerable code path - how we crafted the payload - why it impacts Apriso 2020–2025 Patch AS
@pdiscoveryio
24 Sept 2025
2728 Impressions
4 Retweets
29 Likes
17 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-23 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10800 — weakness has been identified News: SolarWinds releases third patch to fix… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
23 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Une vulnérabilité critique, identifiée comme CVE-2025-5086, a été découverte dans DELMIA Apriso et est actuellement exploitée activement. L'Agence de cybersécurité et de sécurité des infrastructures (CISA) a publié un avertissement incitant les utilisateurs à appliqu
@Sh3lmiYotr
22 Sept 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-22 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: No NVD News: Microsoft says recent updates cause DRM… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
22 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-21 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: No NVD News: Canada dismantles TradeOgre exchange, seizes $40… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
21 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-20 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10712 — vulnerability was found in News: Microsoft starts rolling out Gaming Copilot… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
20 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5086 Dassault Systèmes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote code execution.
@ZeroDayFacts
20 Sept 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CISA has identified a critical vulnerability, CVE-2025-5086, in DELMIA Apriso software, which could lead to remote code execution. This flaw affects all versions from 2020 to 2025. Read more: https://t.co/mfZSI0D5KW https://t.co/HWc0mSfOJW
@sctocs25
19 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-19 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2022-50375 — In the Linux kernel News: Steam will stop running on Windows… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
19 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5086 has recently been classified as a CISA Known Exploited Vulnerability called "Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability". Know more about it: https://t.co/zrXPFhHGh7 #KEV #CVE #VulnerabilityManagement #CISO https://t.co/jTJh2
@attaxion
19 Sept 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of Critical Remote Code Execution Flaw in Dassault’s DELMIA Apriso! A serious RCE vulnerability (CVE-2025-5086) in Dassault’s DELMIA Apriso is being actively exploited. Used in manufacturing ops including production scheduling, resource allocation, warehouse http
@ChbibAnas
18 Sept 2025
14 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-18 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10593 — vulnerability was detected in News: Notepad gets free AI features on… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
18 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ثغـ ـرة خطـ ـيرة CVE-2025-5086 في برنامج DELMIA Apriso تتعرض لهـ ـجمات نشطة التفاصيل.. https://t.co/Cnhk4ikPtE #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/OMLIjfe9pr
@ccforrs
18 Sept 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-17 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2024-12796 — Improper Neutralization of Input News: Microsoft and Cloudflare disrupt massive RaccoonO365… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
17 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-16 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2022-50234 — In the Linux kernel News: Jaguar Land Rover extends shutdown after… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
16 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-15 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10400 — security vulnerability has been News: Microsoft fixes Windows 11 audio issues… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
15 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🇺🇸 CISA advierte sobre vulnerabilidad de Dassault RCE explotada activamente ⚠️ CVE-2025-5086 https://t.co/X5UQsAE5dd https://t.co/2SuqCVFXEZ
@elhackernet
15 Sept 2025
3506 Impressions
8 Retweets
35 Likes
8 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/LXra4y5uOa #CyberSecurity #Vulnerabilities #CSCIS
@CIDC_Ops
15 Sept 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/34GoDkzpNK via @TheHackersNews
@jackgoesvirtual
14 Sept 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-14 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10366 — flaw has been found News: New HybridPetya ransomware can bypass UEFI… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
14 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ransomware Alert: CVE-2025-5086 in Dassault DELMIA Apriso. This deserialization flaw is being actively targeted by ransomware operators. Read the full report now: https://t.co/J3HdTWnqsK https://t.co/md1VtvZHVX
@cyberbivash
14 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
仏ダッソー・システムズの製造管理ソフト「DELMIA Apriso」に深刻な脆弱性(CVE-2025-5086)が確認され、米CISAが既に実害を伴う攻撃を警告した。産業機器とERPをつなぐ中核ソフトでのRCEリスクに注意が必要である
@yousukezan
14 Sept 2025
929 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of Active Dassault RCE Exploit—Patch Now https://t.co/SYCCfnKMtl #CisaSecurityAlert #cve-2025-5086 #RemoteCodeExecution
@wizconsults
13 Sept 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE ALERT ⚡🛠️ CVE-2025-5086 — Critical Dassault RCE flaw 🐞 • Deserialization bug allows remote code execution 🚨 • Affects all DELMIA Apriso 2020–2025 users 🏭 • Action: Patch immediately or apply mitigations 🔒 Manufacturing ops are at risk—mov
@Newtalics
13 Sept 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-13 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10364 — Evertz SDVN 3080ipx-10G is News: New HybridPetya ransomware can bypass UEFI… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
13 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5086 : CISA warns of actively exploited Dassault RCE vulnerability https://t.co/8pIKNdXekY
@freedomhack101
13 Sept 2025
113 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨 Critical CVE-2025-5086 in DELMIA Apriso is being ACTIVELY EXPLOITED! CISA issues an urgent warning. Patch NOW! #Cybersecurity #CVE https://t.co/uFpih32Kn6
@xcybersecnews
13 Sept 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-5086: Falha crítica no DELMIA Apriso da Dassault permite execução remota de código. CISA confirma exploração ativa. Atualize já! https://t.co/QqONE3r1Xw #Cibersegurança #CVE #TecNewsThiago
@tecnewsthiago
13 Sept 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning Sep 12, 2025 https://t.co/tSo3btlwLA
@tdatwja
13 Sept 2025
186 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA adds DELMIA Apriso flaw ⚡ A critical bug (CVE-2025-5086, CVSS 9.0) in Dassault Systèmes DELMIA Apriso is now in CISA’s KEV list 🛑. Allows unauthenticated code execution → urgent patching required across industries 🏭. ❗ Federal & private orgs must r
@MarcelVelica
13 Sept 2025
174 Impressions
3 Retweets
9 Likes
0 Bookmarks
7 Replies
0 Quotes
🚨 @CISACyber alert: Active exploitation of CVE-2025-5086 (RCE in Dassault DELMIA Apriso). ⚡ Used in aerospace, auto, & industrial sectors ⚡ Exploit = malicious SOAP requests loading .NET payloads ⚡ Agencies must patch/mitigate by Oct 2 Stay cautious. Follow @TechNadu
@TechNadu
13 Sept 2025
98 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
The agency added the vulnerability, tracked as CVE-2025-5086 and rated with a critical severity score (CVSS v3: 9.0), to the Known Exploited Vulnerabilities (KEV). #cybersecurity https://t.co/SMkWZ7l8fZ
@cybertzar
13 Sept 2025
80 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-5086 DELMIA Aprisoの脆弱性を悪用する攻撃が確認され警告 https://t.co/QEJWBC1rcy #Security #セキュリティ #ニュース
@SecureShield_
13 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Manufacturing Software at Risk from CVE-2025-5086 Exploit - https://t.co/lKo58QaSkU #CVE20255086, #DELMIAApriso, #DassaultSystemes, #cybersecurity, #ICSsecurity, #OTsecurity, #manufacturing, #industrialcontrol, #supplychain, #criticalinfrastructure, #patchnow, #infosec,
@Mag212News
13 Sept 2025
91 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/bfU7c5td2a #CyberSecurity
@EpicPlain
12 Sept 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical CVE-2025-5086 in DELMIA Apriso • Deserialization flaw enables remote code execution • Actively exploited in manufacturing systems 🛡️ Get 3 private pentest bids now at https://t.co/4ZmseOiu9a. Protect your organization today! 🔗https://t.co/w1ttD6ydpM http
@PenTestBids
12 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA reports active exploitation of CVE-2025-5086, a critical RCE vulnerability in Dassault Systèmes' DELMIA Apriso (2020-2025). Malicious SOAP requests deliver compressed .NET payloads. #CVE2025 #IndustrialSecurity #USA https://t.co/ELAj9qDfCN
@TweetThreatNews
12 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New KEV Alert: @CISACyber adds CVE-2025-5086 (Dassault DELMIA Apriso flaw) to its catalog of actively exploited vulnerabilities. ⚠️ Feds must patch under BOD 22-01—but all orgs are urged to remediate quickly. Do KEVs get your top priority? Follow @Technadu for update
@TechNadu
12 Sept 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical CVE-2025-5086 flaw in DELMIA Apriso (2020-2025) enables remote code execution via deserialization. Active attacks bypass detection tools. Patches released for urgent deployment. #IndustrialSecurity #RemoteCodeExec #USA https://t.co/PALs4xXgvW
@TweetThreatNews
12 Sept 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical DELMIA Apriso RCE Flaw CVE-2025-5086 Under Attack, CISA Alerts #CVE20255086 #DELMIAApriso #CISAWarning #CyberSecurity #RCE #KEV #Malware #Zapchast #DataBreach #PatchNow #Infosec #ThreatIntel #ManufacturingSecurity https://t.co/ir8vva8iOP
@cyashadotcom
12 Sept 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-12 KEV: CVE-2025-5086 — Dassault Systèmes DELMIA Apriso NVD: CVE-2025-10193 — DNS rebinding vulnerability in News: Man gets over 4 years in… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
12 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of critical, actively exploited CVE-2025-5086 (CVSS 9.0) in DELMIA Apriso MOM software! Urgent patching required. ⚠️ https://t.co/EkzyAOGb9G #CVE20255086 #DELMIAApriso #CISA #Cybersecurity #Vulnerability
@0xT3chn0m4nc3r
12 Sept 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أضافت وكالة الأمن السيبراني والبنية التحتية الأمريكية (CISA) ثغرة أمنية حرجة في برنامج DELMIA Apriso إلى قائمة الثغرات المعروفة التي يتم استغلالها. الثغرة، ال
@Cybercachear
12 Sept 2025
59 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
The Hacker News - Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/lWavdsGznR
@buzz_sec
12 Sept 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 𝐂𝐈𝐒𝐀 𝐔𝐫𝐠𝐞𝐬 𝐈𝐦𝐦𝐞𝐝𝐢𝐚𝐭𝐞 𝐏𝐚𝐭𝐜𝐡𝐢𝐧𝐠: 𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐃𝐚𝐬𝐬𝐚𝐮𝐥𝐭 𝐒𝐲𝐬𝐭è𝐦𝐞𝐬 𝐅𝐥𝐚𝐰 (𝐂𝐕𝐄-𝟐𝟎𝟐𝟓-𝟓𝟎𝟖𝟔)
@PurpleOps_io
12 Sept 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Check out our latest blog post: CISA alerts over CVE-2025-5086 in DELMIA Apriso. Learn how to patch and protect against active exploits targeting critical industrial systems. Read it here → https://t.co/QSI6v5HHri Let us know your thoughts!
@PurpleOps_io
12 Sept 2025
70 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Dassault Systèmes DELMIA Apriso vulnerability CVE-2025-5086 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwapzIN & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/XTC37syxc6
@CISACyber
11 Sept 2025
7969 Impressions
7 Retweets
21 Likes
2 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:3ds:delmia_apriso:*:*:*:*:*:*:*:*",
"matchCriteriaId": "809F8ACE-5686-4178-ACF7-D6968035FCF5",
"versionEndIncluding": "2025",
"versionStartIncluding": "2020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]