CVE-2024-3301

HIGH

DELMIA Apriso <2024 - Code Injection

Title source: llm

Description

An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to post-authentication remote code execution.

References (1)

[Various Sources] https://www.3ds.com/vulnerability/advisories

Scores

CVSS v3 8.5

EPSS 0.0953

EPSS Percentile 92.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-502

Status draft

Timeline

Published May 30, 2024

Tracked Since Feb 18, 2026