A critical vulnerability in Dassault Systèmes DELMIA Apriso MOM software, CVE-2025-5086, has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog due to active exploitation. Attackers are leveraging a deserialization flaw to achieve remote code execution, with ongoing attempts traced back to Mexico.
Key points
- The vulnerability affects versions from Release 2020 to 2025 of DELMIA Apriso software.
- Active exploitation involves sending malicious HTTP requests to specific WebService endpoints.
- The payload used in attacks includes a malicious DLL identified as Trojan.MSIL.Zapchast.gen.
- Zapchast malware is known for spying, capturing user activity, and transmitting data to cybercriminals.
- Federal Civilian Executive Branch (FCEB) agencies are urged to apply security updates by October 2, 2025, to mitigate risks.
Read More: https://thehackernews.com/2025/09/critical-cve-2025-5086-in-delmia-apriso.html