■■■□□ DELMIA Apriso has a deserialization flaw (CVE-2025-5086) let us turn a SOAP request into full RCE.
Blog by nuclei breaks down:
🚫How vulnerable code path was traced
🚫Crafting the payload
🚫Why does it impacts Apriso 2020–2025
https://projectdiscovery.io/blog/remote-code-execution-in-delmia-apriso