CVE-2025-5086 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-06-02

Added to CISA KEV: 2025-09-11 101 DAYS BETWEEN CVE AND KEV

⚠️ CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review logs, check for unauthorized access, verify system integrity before patching
Apply vendor patches immediately for all internet-facing DELMIA Apriso instances
Implement network segmentation to restrict internet access if possible
Monitor for deserialization attack patterns and unusual network traffic to DELMIA Apriso services
CRITICAL patch priority - treat as emergency due to active exploitation

Exploit Attempts for Dassault DELMIA Apriso. CVE-2025- ...
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code ...
Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution. Either way, we are seeing exploits for DELMIA Apriso related issues.
A deserialization of untrusted data vulnerability... · CVE-2025-5086...
Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability. · Attack ...
CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso ...
A critical deserialization flaw (CVE-2025-5086) in DELMIA Apriso could allow remote code execution. Exploit attempts have been seen in the ...
DELMIA Apriso - RCE (CVE-2025-5086)
CrowdSec network telemetry also shows that exploitation of CVE-2025-5086 has significantly declined over the past week. Attack volumes are well below the long-term average, suggesting attackers are rapidly losing interest. The vulnerability appears to be falling out of active use across most threat landscapes.

🔴 CVE-2025-5086