You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ot/it risk
About this tag
The ot/it risk tag covers the convergence of operational technology and information technology security, with a focus on vulnerabilities that bridge these domains. Content under this tag includes analysis of CVE-2025-5086, a critical deserialization vulnerability in Dassault Systèmes DELMIA Apriso, a Manufacturing Execution System (MES) used in factory environments. The vulnerability is actively exploited and listed in CISA's Known Exploited Vulnerabilities (KEV) Catalog, highlighting the elevated risk when OT systems are exposed to IT-style threats. Discussions emphasize remediation priorities under directives like BOD 22-01, reflecting the need for coordinated OT/IT risk management in industrial settings.
CISA has added CVE-2025-5086 — a critical deserialization of untrusted data vulnerability in Dassault Systèmes DELMIA Apriso — to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation that elevates remediation priority under Binding Operational Directive (BOD)...