CISA has added CVE-2025-5086, a critical remote code execution (RCE) vulnerability in Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software, to its catalog following confirmed active exploitation. Review the details of this Cybersecurity Threat Advisory to keep your system secure.
What is the threat?
This vulnerability, rated CVSS 9.0, affects DELMIA Apriso’s web-based service layer. Due to insufficient input sanitization and authentication checks, attackers can send crafted HTTP or API requests to bypass authentication and execute arbitrary code. This allows them to:
- Upload and run malicious scripts
- Modify or delete operational data
- Install persistent backdoors
- Pivot into other OT or IT systems
The flaw is network-exploitable without user interaction, requiring only access to the vulnerable system.
Why is it noteworthy?
CVE-2025-5086 is especially critical because it targets a widely used platform in sectors like aerospace, automotive, and electronics. Active exploitation confirms adversaries are already leveraging it, and long patch cycles in manufacturing heighten the risk of prolonged exposure.
What is the exposure or risk?
Exploiting CVE-2025-5086 could lead to:
- Disruption of production lines
- Corruption of manufacturing data
- Theft of proprietary designs or processes
- Safety risks in automated environments
Because DELMIA Apriso integrates with broader enterprise systems, compromise could escalate to ransomware attacks, data breaches, and reputational damage.
What are the recommendations?
Barracuda strongly recommends organizations take these steps to protect your system from this vulnerability:
- Apply Dassault’s security patches immediately for all affected versions (Release 2020–2025).
- Isolate vulnerable systems from the public internet until patched.
- Monitor network traffic for suspicious activity targeting DELMIA Apriso endpoints, including unusual HTTP requests or command execution attempts.
- Implement strict access controls and limit administrative privileges on manufacturing systems.
- Conduct a compromise assessment if your organization uses DELMIA Apriso, especially if patching was delayed.
References
For more in-depth information about the threat, please visit the following links:
- https://nvd.nist.gov/vuln/detail/CVE-2025-5086
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
If you have any questions about this Cybersecurity Threat Advisory, don’t hesitate to get in touch with Barracuda Managed XDR’s Security Operations Center.
This post originally appeared on Smarter MSP.