Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2025091611095757 | Publication Time | 2025/09/16 11:21 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2025/09/16 11:21 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】CISA has added 1 vulnerability known to be exploited by hackers to the KEV catalog (2025/09/08–2025/09/14). |
|||
|
[Content] 【CVE-2025-5086】Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 9.0) 【Ransomware Exploitation: Unknown】 A deserialization of untrusted data vulnerability exists in Dassault Systèmes DELMIA Apriso, which may lead to remote code execution. 【Affected Platforms】Please refer to the affected versions listed in the official advisory: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-5086 |
|||
| [Affected Platform] Detailed information on affected platforms can be found in the “Description” section of the advisory. |
|||
| [Recommended Actions] 【CVE-2025-5086】 Follow the vendor’s instructions to implement mitigation measures and comply with the applicable BOD 22-01 guidelines to ensure the security of cloud services. If mitigation cannot be implemented, discontinue the use of this product. |
|||
| [Reference] |
|||