CISA Adds Dassault Systèmes DELMIA Apriso Vulnerabilities to Known Exploited Vulnerabilities List

Urgent Security Alert: CISA Warns of Actively Exploited Flaws in DELMIA Apriso Software

A critical security warning has been issued for organizations utilizing Dassault Systèmes’ DELMIA Apriso, a widely used Manufacturing Operations Management (MOM) platform. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three specific vulnerabilities affecting the software to its Known Exploited Vulnerabilities (KEV) catalog, signaling that they are being actively targeted by malicious actors in the wild.

This development elevates the threat level from theoretical to immediate, requiring urgent action from all organizations that rely on this platform to manage their manufacturing and industrial processes.

The High-Risk Vulnerabilities Explained

The vulnerabilities in question pose a significant risk to industrial environments, potentially allowing attackers to compromise sensitive systems, disrupt operations, and steal valuable data. CISA has highlighted the following three flaws:

  • CVE-2023-28255: A path traversal vulnerability that could allow an attacker to access and manipulate files on the server that should be restricted. This could lead to information disclosure, data tampering, or the execution of unauthorized code.
  • CVE-2023-28256: This flaw involves the insecure deserialization of data. A successful exploit could allow an unauthenticated attacker to execute arbitrary code remotely on the affected system, effectively giving them complete control.
  • CVE-2023-28257: Another critical path traversal vulnerability that expands the attack surface, further enabling unauthorized file system access and potential system compromise.

The addition of these vulnerabilities to the KEV catalog is a serious matter. It confirms that CISA has reliable evidence of active exploitation, meaning cybercriminals are already using these weaknesses to attack organizations.

Why This Matters for Your Organization

DELMIA Apriso is deeply integrated into the manufacturing sector, connecting production lines, supply chains, and quality control systems. A compromise of this platform could have devastating consequences, including:

  • Production Halts: Attackers could shut down or manipulate manufacturing processes, leading to significant financial losses and operational chaos.
  • Data Theft: Sensitive intellectual property, production formulas, and operational data could be stolen.
  • System Sabotage: Malicious actors could damage physical equipment controlled by the software or compromise product quality.
  • Lateral Movement: A compromised MOM system can serve as a beachhead for attackers to move deeper into a corporate network, targeting other critical assets.

Given its role in critical infrastructure, securing DELMIA Apriso platforms is not just an IT issue—it’s a crucial operational security priority.

Actionable Steps to Mitigate the Threat

CISA has issued a directive for federal agencies to apply the necessary patches by a specific deadline. While this mandate applies directly to government bodies, it serves as a critical benchmark and strong recommendation for all private sector organizations.

To protect your systems, follow these essential security measures immediately:

  1. Patch Immediately: The most critical step is to apply the security updates provided by Dassault Systèmes. Do not delay this process. Prioritize patching all internet-facing systems first, followed by internal instances.
  2. Identify All Instances: Conduct a thorough audit of your network to identify all systems running the vulnerable DELMIA Apriso software. You cannot secure what you do not know you have.
  3. Enhance Network Segmentation: Isolate the systems running DELMIA Apriso from the broader corporate network and the public internet wherever possible. This can limit the “blast radius” if a compromise occurs, preventing an attacker from easily moving to other parts of your network.
  4. Monitor for Suspicious Activity: Actively monitor logs and network traffic associated with your Apriso servers for any signs of compromise or unusual access patterns, especially from unknown IP addresses. Look for evidence of file system manipulation or unexpected command execution.
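For the monitoring step, one way to surface path traversal attempts in web access logs is sketched below. This is an added example, not code from Dassault Systèmes or CISA; the log line format, the `/app/...` paths, the sample lines and the `KNOWN_NETWORKS` range are constructed assumptions to adapt to your own environment.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: placeholder range for hosts expected to reach the Apriso servers.
KNOWN_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]
# ".." as a whole path segment, also right after a query delimiter.
TRAVERSAL = re.compile(r"(^|[\\/=?&])\.\.([\\/]|$)")
# Constructed format: "<client-ip> <method> <request-target> <status>"
LINE = re.compile(r"^(\S+) (\S+) (\S+) (\d{3})$")

# Constructed sample lines; the /app/... paths are hypothetical.
SAMPLE = [
    "10.20.4.17 GET /app/index.aspx 200",
    "203.0.113.45 GET /app/download?file=..%2f..%2fweb.config 200",
    "198.51.100.9 POST /app/upload/%252e%252e%255cbin%255cx.aspx 404",
    "10.20.9.3 GET /app/reports/..%2farchive/q3.pdf 200",
    "203.0.113.45 GET /app/files/v1..2/readme.txt 200",
]

def fully_decode(target, max_rounds=5):
    """Percent-decode until stable so double encoding (%252e) is exposed."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def is_known(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable source is treated as unknown
    return any(addr in net for net in KNOWN_NETWORKS)

def scan(lines):
    """Return (line_no, ip, known_source, status, decoded_target) per hit."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = LINE.match(line.strip())
        if not m:
            continue
        ip, _method, target, status = m.groups()
        decoded = fully_decode(target)
        if TRAVERSAL.search(decoded):
            hits.append((line_no, ip, is_known(ip), int(status), decoded))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Hits from unknown sources that returned a success status deserve review first; a hit from a known internal address can still indicate a compromised host rather than a benign client.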

The active exploitation of these vulnerabilities underscores the growing trend of attackers targeting specialized industrial and operational technology (OT) systems. Proactive security and swift remediation are your best defenses against this immediate and credible threat.

Source: https://securityaffairs.com/183990/security/u-s-cisa-adds-dassault-systemes-delmia-apriso-flaws-to-its-known-exploited-vulnerabilities-catalog.html
