CVE-2025-5086 Scanner

The Dassault Systèmes DELMIA Apriso platform is a manufacturing operations management (MOM) solution used globally across various industries for optimizing production planning and operations. Enterprises utilize this software to increase manufacturing efficiencies, improve production quality, and ensure compliance with industry standards. From automotive to aerospace, manufacturers adopt DELMIA Apriso to achieve greater visibility and control over their operations. The software offers solutions to manage production schedules, track factory assets, and streamline supply chain logistics. Organizations leverage this platform to enhance operational agility and reduce production costs. As a cornerstone of digital factory solutions, DELMIA Apriso integrates seamlessly with other enterprise systems to support Industry 4.0 initiatives.

The Deserialization of Untrusted Data vulnerability in DELMIA Apriso can lead to severe security breaches. This vulnerability allows attackers to execute arbitrary code on the remote server by deserializing malicious data. It primarily affects versions of DELMIA Apriso from 2020 to 2025. By exploiting this flaw, malicious actors can compromise the system, leading to unauthorized data access or system tampering. This issue arises when the software improperly processes serialized data from untrusted sources. Recognizing and mitigating this vulnerability is critical to maintaining the integrity and security of the system.

The vulnerability, identified in the DELMIA Apriso, involves the processing of untrusted serialized data, possibly resulting in Remote Code Execution (RCE). An attacker could send a specially crafted XML payload to a vulnerable endpoint, such as /apriso/WebServices/FlexNetOperationsService.svc/Invoke. Key parameters that may be exploited include arrays and comparison functions within the serialized content. The deserialization process does not adequately check for malicious data structures, allowing an attacker to execute arbitrary code. This weakness significantly threatens the security model and could lead to complete system compromise. Monitoring and applying necessary patches is advised to prevent exploitation.

When exploited, the Deserialization of Untrusted Data vulnerability in DELMIA Apriso can have disastrous effects. Once attackers gain RCE capabilities, they can deploy malicious scripts or executables on the target system, potentially leading to data theft or loss of service. Organizations may face espionage risks, with sensitive intellectual property being exfiltrated. Additionally, production systems could be disrupted, leading to significant financial and operational impacts. Exploitation of this vulnerability could also result in reputational damage, regulatory penalties, and loss of customer trust. Consequently, ensuring secure data handling processes is crucial for safeguarding against such threats.

REFERENCES

• https://www.hacktron.ai/blog/posts/dassault-delmia-apriso-rce/
• https://www.3ds.com/vulnerability/advisories