CVE-2025-5086

Published Jun 2, 2025

Last updated 3 months ago

CVSS critical 9.0
DELMIA Apriso

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-5086 is a deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025. The application does not properly validate data during deserialization, so exploitation could lead to remote code execution. An attacker could potentially execute arbitrary code remotely without user interaction, leading to full system compromise, data theft or manipulation, or complete disruption of system availability.

Description: A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
Source: 3DS.Information-Security@3ds.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9
Impact score: 6
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

CWE-502 (source: 3DS.Information-Security@3ds.com)

Social media

  1. Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086, (Wed, Sep 3rd) https://t.co/wya554fEHV #SANS #Cybersecurity https://t.co/ZPiEIa0ro6

    @PoseidonTPA

    3 Sept 2025

  2. CVE-2025-5086 : RCE flaw in DELMIA Apriso (2020–2025) allows unauthenticated attackers to execute code remotely 50,000+ Azure AD Users Exposed via Unsecured API: BeVigil Uncovers Critical Flaw https://t.co/Z9Q78lwAEa https://t.co/Xs9oKptFWB

    @freedomhack101

    4 Jun 2025

  3. Apple once ran this software. Multiple security firms poked at it. No one spotted the bug. Here's a thread of how we found CVE-2025-5086 in Delmia Apriso... 👇🧵

    @HacktronAI

    3 Jun 2025

  4. 🚨 CVE-2025-5086: RCE flaw in DELMIA Apriso (2020–2025) allows unauthenticated attackers to execute code remotely ⚠️ Affects MES systems used in manufacturing Critical CVSS 10.0 🔗 https://t.co/P5zDZRZdzR #CVE2025 #RCE #CyberSecurity https://t.co/CNSZAOJePu

    @threatsbank

    3 Jun 2025

  5. CVE-2025-5086

    @HacktronAI

    3 Jun 2025

  6. CVE-2025-5086 A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution. https://t.co/Sp1xoeVNDQ

    @CVEnew

    2 Jun 2025
