Computer screen showing security patch update for Dassault DELMIA Apriso

Dassault Systèmes DELMIA Apriso has a serious security flaw involving the deserialization of untrusted data (CWE-502). This vulnerability could allow attackers to execute remote code on affected systems, potentially compromising manufacturing and supply chain operations.

Currently, it is unknown if this flaw has been exploited in ransomware campaigns. However, organizations using DELMIA Apriso should act immediately.

Computer screen showing security patch update for Dassault DELMIA AprisoComputer screen showing security patch update for Dassault DELMIA Apriso

Recommended Actions:

  • Apply all vendor-provided mitigations without delay.
  • Follow BOD 22-01 guidance for cloud services.
  • If no mitigation is available, consider discontinuing use until patched.
  • Monitor systems for suspicious activity and restrict network access where possible.
Computer screen showing security patch update for Dassault DELMIA AprisoComputer screen showing security patch update for Dassault DELMIA Apriso

Deserialization vulnerabilities occur when applications process malicious serialized data, enabling attackers to run arbitrary code. Given DELMIA Apriso’s critical role in industry, protecting against this threat is essential.

Stay informed and ensure your systems are secure by following official advisories and applying updates promptly.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security