CVE-2025-5086 — Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability

CVE-2025-5086

Dassault Systèmes DELMIA Apriso — FlexNetOperationsService .NET Deserialization RCE; Espionage Trojan Deployment

What is Dassault Systèmes DELMIA Apriso?

DELMIA Apriso is a Manufacturing Execution System (MES) from Dassault Systèmes used by manufacturers in automotive, aerospace, high-tech, and life sciences industries to coordinate factory-floor operations, production planning, and quality management. Apriso integrates with ERP platforms, PLCs, and SCADA systems — bridging enterprise IT and operational technology (OT) networks. Because of its OT connectivity, a compromise of the Apriso server can provide attackers with a foothold into otherwise isolated industrial control system environments.

Overview

CVE-2025-5086 is a pre-authentication insecure deserialization vulnerability (CWE-502) in the Dassault Systèmes DELMIA Apriso FlexNetOperationsService SOAP endpoint. An unauthenticated attacker can send a crafted SOAP request to deserialize an arbitrary .NET object, triggering remote code execution under the web server context. Active exploitation was confirmed by SonicWall Capture Labs and the SANS Internet Storm Center, with the espionage-focused Trojan.MSIL.Zapchast.gen observed as a post-exploitation payload.

Affected Versions

Product             Vulnerable   Fixed
DELMIA Apriso 2020  All builds   Apply Dassault patch
DELMIA Apriso 2021  All builds   Apply Dassault patch
DELMIA Apriso 2022  All builds   Apply Dassault patch
DELMIA Apriso 2023  All builds   Apply Dassault patch
DELMIA Apriso 2024  All builds   Apply Dassault patch
DELMIA Apriso 2025  All builds   Apply Dassault patch

Specific patched build numbers are not publicly disclosed — reference the Dassault Systèmes security advisory portal.

Technical Details

The vulnerability is in the FlexNetOperationsService SOAP endpoint, accessible at /apriso/WebServices/FlexNetOperationsService.svc/Invoke on port 9000 of the Apriso web server. The service uses .NET's NetDataContractSerializer for deserializing request bodies. Unlike the standard DataContractSerializer, NetDataContractSerializer includes full .NET type metadata in serialized payloads — allowing an attacker to specify arbitrary type names that will be instantiated during deserialization.

Exploit payload structure:

  1. Attacker embeds a XAML object graph within the SOAP body, Base64-encoded and GZIP-compressed
  2. The server deserializes the payload using NetDataContractSerializer, instantiating the XAML object
  3. XamlReader.Parse() processes the XAML, loading and executing a GZIP-compressed .NET assembly
  4. The assembly executes in the context of the web server process

The High attack complexity (AC:H in CVSS) reflects that the XAML GZIP payload construction and the type gadget chain require some expertise to assemble correctly. Despite this, Project Discovery released a CVE-2025-5086 scanner that automated detection, and SANS ISC observed exploit scanning from external IP addresses using it.

Key characteristics:

  • Pre-authentication — no credentials required
  • Targets the FlexNetOperationsService endpoint specifically
  • CVSS Scope: Changed (S:C) — compromise can extend beyond the Apriso process to the underlying OS and connected OT systems
  • High complexity lowers the pool of capable attackers, but public scanner tooling reduces the barrier

Discovery

Active exploitation was first publicly documented by SonicWall Capture Labs, which detected significant exploit volume against FlexNetOperationsService. SANS Internet Storm Center corroborated this with observations of exploit scanning from IP 156.244.33.162 using a Project Discovery-based CVE-2025-5086 scanner.

Exploitation Context

SonicWall Capture Labs reported significant exploitation volume against Apriso instances. The primary payload observed in the wild is Trojan.MSIL.Zapchast.gen — a .NET-based espionage trojan with capabilities including keylogging, screenshot capture, and active application enumeration. This malware profile is consistent with intelligence-gathering objectives rather than ransomware or destructive attacks, suggesting nation-state or advanced criminal interest in manufacturing intellectual property.

CISA added the vulnerability to the KEV catalog on September 11, 2025, more than three months after the patch was released — indicating exploitation had been ongoing for an extended period before federal visibility was established.

Remediation

  1. Apply Dassault patches immediately — contact Dassault Systèmes support or access the 3DEXPERIENCE security portal for your Apriso release (2020–2025). The CISA deadline was October 2, 2025.
  2. Block external access to port 9000 — the FlexNetOperationsService endpoint on port 9000 should not be internet-accessible; restrict it to internal application servers and known integration partners via firewall rules.
  3. Hunt for Trojan.MSIL.Zapchast.gen — scan the Apriso host and adjacent Windows systems for this trojan using your EDR/AV tooling; check for registry persistence, unusual scheduled tasks, and keylogger artifacts.
  4. Review SOAP endpoint logs — look for requests to /apriso/WebServices/FlexNetOperationsService.svc/Invoke containing large Base64-encoded bodies from unexpected source IPs.
  5. Assess OT connectivity — if Apriso has direct integration connections to PLCs, SCADA, or MES historian systems, review whether those connections could be abused from a compromised Apriso context.
  6. Rotate credentials stored in or accessible from the Apriso server — the espionage trojan likely harvested credentials during any period of active compromise.
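Remediation step 4 describes a log hunt: POST requests to the FlexNetOperationsService Invoke endpoint with unusually large bodies from source addresses that are not known integration partners. The following is an added example written for this page, not tooling from Dassault Systèmes, SonicWall or SANS; it runs the hunt over a few constructed IIS W3C log lines. The field order, the 50 KB body threshold and the internal allowlist networks are assumptions to be matched to your own `#Fields:` header and baseline.

```python
"""Hunt IIS W3C log lines for suspicious traffic to the Apriso
FlexNetOperationsService Invoke endpoint (added example; sample data is constructed)."""
import ipaddress
from dataclasses import dataclass

# Assumed field order; align it with the "#Fields:" header of your own IIS logs.
FIELDS = ["date", "time", "s-ip", "cs-method", "cs-uri-stem", "cs-uri-query",
          "s-port", "cs-username", "c-ip", "cs(User-Agent)", "sc-status", "cs-bytes"]

TARGET_PATH = "/apriso/WebServices/FlexNetOperationsService.svc/Invoke"
BODY_THRESHOLD = 50_000  # bytes of request body; assumed value, tune to your baseline

# Hypothetical internal networks hosting legitimate integration servers.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/16"),
                ipaddress.ip_network("192.168.50.0/24")]

# Constructed sample log: one normal integration call, one large external POST,
# one unrelated GET, and one large POST from an allowlisted internal host.
SAMPLE_LOG = """#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status cs-bytes
2025-09-10 03:14:07 10.20.1.5 POST /apriso/WebServices/FlexNetOperationsService.svc/Invoke - 9000 - 10.20.4.12 ApplicationIntegrator/1.0 200 2310
2025-09-10 03:15:22 10.20.1.5 POST /apriso/WebServices/FlexNetOperationsService.svc/Invoke - 9000 - 203.0.113.77 python-requests/2.31 200 184322
2025-09-10 03:15:40 10.20.1.5 GET /apriso/Portal/Login.aspx - 443 - 198.51.100.9 Mozilla/5.0 200 512
2025-09-10 03:16:01 10.20.1.5 POST /apriso/WebServices/FlexNetOperationsService.svc/Invoke - 9000 - 192.168.50.30 ApplicationIntegrator/1.0 200 61000
"""


@dataclass
class Hit:
    """One flagged request and the reasons it was flagged."""
    time: str
    client_ip: str
    user_agent: str
    bytes_in: int
    reasons: tuple


def parse_line(line):
    """Split a W3C log line into a dict; return None if the field count is off."""
    parts = line.split(" ")
    if len(parts) != len(FIELDS):
        return None
    return dict(zip(FIELDS, parts))


def is_allowlisted(ip):
    """True when the client address falls inside a known integration network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_NETS)


def hunt(log_text):
    """Return Hit records for POSTs to the Invoke endpoint that are either large
    or come from outside the allowlist. Hits preserve log order."""
    hits = []
    for raw in log_text.splitlines():
        if not raw or raw.startswith("#"):
            continue  # skip directives and blank lines
        rec = parse_line(raw)
        if rec is None:
            continue
        if rec["cs-method"] != "POST" or rec["cs-uri-stem"] != TARGET_PATH:
            continue
        reasons = []
        size = int(rec["cs-bytes"])
        if size >= BODY_THRESHOLD:
            reasons.append(f"large body ({size} bytes)")
        if not is_allowlisted(rec["c-ip"]):
            reasons.append("source outside integration allowlist")
        if reasons:
            hits.append(Hit(f'{rec["date"]} {rec["time"]}', rec["c-ip"],
                            rec["cs(User-Agent)"], size, tuple(reasons)))
    return hits


if __name__ == "__main__":
    for h in hunt(SAMPLE_LOG):
        print(f"{h.time} {h.client_ip} ({h.user_agent}) {h.bytes_in}B: {'; '.join(h.reasons)}")
```

IIS does not record request bodies, so the Base64 content itself cannot be inspected from these logs; `cs-bytes` (request size) is the proxy for "large Base64-encoded body". The internal host that sends an oversized body is still reported, with only the size reason, so that a compromised integration server is not hidden by the allowlist.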

Key Details

Property              Value
CVE ID                CVE-2025-5086
Vendor / Product      Dassault Systèmes — DELMIA Apriso
NVD Published         2025-06-02
NVD Last Modified     2025-10-29
CVSS 3.1 Score        9
CVSS 3.1 Vector       CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity              CRITICAL
CWE                   CWE-502
CISA KEV Added        2025-09-11
CISA KEV Deadline     2025-10-02
Known Ransomware Use  No

CVSS 3.1 Breakdown

Attack Vector:        Network
Attack Complexity:    High
Privileges Required:  None
User Interaction:     None
Scope:                Changed
Confidentiality:      High
Integrity:            High
Availability:         High

Required Action

CISA BOD 22-01 Deadline: 2025-10-02. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Timeline

Date        Event
2025-06-02  CVE published; Dassault Systèmes releases patches
2025-09-11  Added to CISA Known Exploited Vulnerabilities catalog; SonicWall and SANS ISC report active exploit scanning
2025-10-02  CISA BOD 22-01 remediation deadline