What is CVE-2025-5086?

A critical deserialization vulnerability in 3ds DELMIA Apriso could allow remote code execution. Immediate action is required to mitigate risks associated with this vulnerability.

What is the severity of CVE-2025-5086?

CVE-2025-5086 has a severity rating of CRITICAL with a CVSS base score of 9.

Is CVE-2025-5086 in CISA KEV?

Yes. CVE-2025-5086 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2025-5086 | Critical Vulnerability in 3ds DELMIA Apriso

CVE-2025-5086 is a critical vulnerability affecting 3ds DELMIA Apriso, specifically from Release 2020 through Release 2025. This vulnerability allows for the deserialization of untrusted data, which could lead to remote code execution. With a CVSS score of 9.0, the severity of this vulnerability is classified as critical, meaning it poses significant risks to organizations utilizing this software.

Risk to organizations includes the potential for attackers to execute arbitrary code remotely, which can compromise the integrity and functionality of affected systems. The exploitation status is critical, with confirmed exploits available in the wild. Organizations must prioritize patching immediately to mitigate the risks associated with this vulnerability.

Given the high profile nature of this vulnerability, there is an urgent need for defenders to implement necessary updates and security measures to protect against potential exploitation. The presence of public proof of concept (PoC) exploits further emphasizes the importance of immediate action.

Organizations should not only focus on patching but also consider broader security practices that can mitigate similar vulnerabilities in the future.

Vulnerability Details

The specific vulnerability affects DELMIA Apriso versions released from 2020 to 2025. It is classified under CWE-502 due to its nature of deserialization of untrusted data. The vulnerability was publicly disclosed on June 2, 2025, and has been analyzed by security experts, confirming its critical status.

Technical Analysis

The root cause of this vulnerability lies in improper handling of untrusted data during the deserialization process. Attackers can exploit this flaw via network access, which has a high attack complexity and requires no privileges or user interaction. The impact on confidentiality, integrity, and availability is high, making it a critical concern for organizations.

Risk & Impact Analysis

Real-world deployment of this vulnerability poses significant risks, particularly in environments where DELMIA Apriso is integrated into critical operational processes. The blast radius could extend to numerous systems, resulting in widespread disruption of services and data integrity loss. Given the critical CVSS score and confirmed active exploitation, organizations are urged to address this vulnerability immediately.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	Yes
Ransomware Use	No

Affected Versions

The affected product is DELMIA Apriso, with all versions from 2020 through 2025 being vulnerable. Organizations should ensure that they apply the latest vendor patches to mitigate this vulnerability.

Mitigation & Remediation

Organizations should apply the vendor's recommended patches immediately to mitigate this vulnerability. In cases where immediate patching is not feasible, alternative mitigations should be considered, such as restricting network access to vulnerable components and implementing strict input validation measures. For more comprehensive guidance on security practices, organizations can refer to our penetration testing services.

Detection Guidance

To effectively monitor for potential exploitation of this vulnerability, organizations should review their logs for unusual activity related to DELMIA Apriso components. Behavioral anomalies, such as unexpected remote connections or unauthorized data manipulations, should be investigated. Additionally, network signatures related to known exploit attempts should be incorporated into intrusion detection systems.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2025-5086 highlights the critical need for organizations to regularly review and update their security practices, particularly in the context of software that processes untrusted data. This vulnerability represents a pattern of insufficient validation of external inputs, which can lead to severe security impacts.

Security teams should learn from this incident to strengthen their defenses against similar vulnerabilities. For further insights into vulnerability management, organizations can explore our guide on vulnerability management programs and best practices for secure coding. Additionally, reviewing resources on penetration testing methodologies can provide further insights into assessing and mitigating vulnerabilities.

By proactively addressing vulnerabilities like CVE-2025-5086, organizations can enhance their security posture and reduce the risk of future attacks.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-5086: Critical Vulnerability in 3ds DELMIA Apriso