{“lastseen”:”2025-09-12T13:25:42″,”description”:”\\n\\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Syst\u00e8mes DELMIA Apriso Manufacturing Operations Management (MOM) software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.\\n\\nThe vulnerability, tracked as CVE-2025-5086, carries a CVSS score of 9.0 out of 10.0. According to Dassault, the issue impacts versions from Release 2020 through Release 2025.\\n\\n\\”Dassault Syst\u00e8mes DELMIA Apriso contains a deserialization of untrusted data vulnerability that could lead to a remote code execution,\\” the agency said in an advisory.\\n\\nThe addition of CVE-2025-5086 to the KEV catalog comes after the SANS Internet Storm Center reported seeing exploitation attempts targeting the flaw that originate from the IP address 156.244.33[.]162, which geolocates to Mexico.\\n\\n\\n\\nThe attacks involve sending an HTTP request to the \\”\/apriso\/WebServices\/FlexNetOperationsService.svc\/Invoke\\” endpoint with a Base64-encoded payload that decodes to a GZIP-compressed Windows executable (\\”fwitxz01.dll\\”), Johannes B. Ullrich, the dean of research at the SANS Technology Institute, said.\\n\\nKaspersky has flagged the DLL as \\”Trojan.MSIL.Zapchast.gen,\\” which the company describes as a malicious program designed to electronically spy on a user’s activities, including capturing keyboard input, taking screenshots, and gathering a list of active applications, among others.\\n\\n\\”The collected information is sent to the cybercriminal by various means, including email, FTP, and HTTP (by sending data in a request),\\” the Russian cybersecurity vendor added.\\n\\nZapchast variants, according to Bitdefender and Trend Micro, have been distributed via phishing emails bearing malicious attachments for over a decade. It’s currently not clear if \\”Trojan.MSIL.Zapchast.gen\\” is an improved version of the same malware.\\n\\nIn light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are advised to apply the necessary updates by October 2, 2025, to secure their networks.\\n\\nFound this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2025-09-12T11:03:00″,”modified”:”2025-09-12T12:08:28″,”type”:”thn”,”title”:”Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning”,”source”:””,”references”:””,”id”:”THN:F25ED39D7CA7DB2038139101CF3BE020″,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[“CVE-2025-5086″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2025\/09\/critical-cve-2025-5086-in-delmia-apriso.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-09-12T13:25:42″,”description”:”\\n\\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Syst\u00e8mes DELMIA Apriso Manufacturing Operations Management (MOM) software…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,86,12,13,7,11,43,5],"class_list":["post-17239","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-90","tag-exploit","tag-news","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n