The U.S. CISA has added a manufacturing software vulnerability, CVE-2025-5086, to its Known Exploited Vulnerabilities list, highlighting its significance in industrial control systems. Attack attempts exploiting this flaw have been detected, emphasizing the urgent need for patching to prevent remote code execution risks in manufacturing environments. #CISA #DELMIAApriso #CVE-2025-5086
Key Points
- CISA added CVE-2025-5086, a critical vulnerability in DELMIA Apriso, to its KEV catalog.
- The vulnerability allows remote code execution through deserialization of untrusted data.
- Attack scans are using SOAP requests with encoded XML payloads targeting manufacturing systems.
- Affected systems are used in aerospace, automotive, and consumer goods industries, risking major disruptions.
- FCEB agencies must apply updates by October 2 to mitigate the threat posed by this vulnerability.
Read More: https://thecyberexpress.com/cisa-delmia-apriso-vulnerability/