Handler on Duty: Johannes Ullrich
Threat Level: green
Podcast Detail
SANS Stormcast Thursday, September 4th, 2025: Dassault DELMIA Apriso Exploit Attempts; Android Updates; 1.1.1.1 Certificate Issued
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9598.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 4th - Oct 9th 2025 |
Exploit Attempts for Dassault DELMIA Apriso. CVE-2025-5086
Our honeypots detected attacks against the manufacturing management system DELMIA Apriso. The deserialization vulnerability was patched in June and is one of a few critical vulnerabilities patched in recent months.
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Dassault%20DELMIA%20Apriso.%20CVE-2025-5086/32256
Android Bulletin
Google released its September update, fixing two already-exploited privilege escalation flaws and some remote code execution issues.
https://source.android.com/docs/security/bulletin/2025-09-01
Mis-issued Certificates for SAN iPAddress:1.1.1.1 by Fina RDC 2020
Certificate authority Fina RDC issues a certificate for Cloudflare’s IP address 1.1.1.1
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/SgwC1QsEpvc
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 22nd - Sep 27th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 4th - Oct 9th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Dallas | Dec 1st - Dec 6th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Mar 29th - Apr 3rd 2026 |
Network Monitoring and Threat Detection In-Depth | Amsterdam | Apr 20th - Apr 25th 2026 |