CVE-2025-35051

High CVSS: 7.7

Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS endpoint is only accessible on an internal network. To mitigate this vulnerability, restrict network access to NPCS.

Vendor

Newforma

Product

Project Center

CWE

CWE-306

Yayın Tarihi

2025-10-09 21:15:35

Güncelleme

2026-01-09 18:18:15

Source Identifier

9119a7d8-5eab-497f-8521-727c672e3725

KEV Date Added

Kategoriler

CWE-306 Project Center HIGH Newforma 2025

Referanslar

https://projectcenter.help.newforma.com/overviews/info_exchange_overview/ https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-282-01.json https://www.cve.org/CVERecord?id=CVE-2025-35051

Benzer Kayıtlar

Medium

CVE-2025-35059

Newforma Info Exchange (NIX) '/DownloadWeb/hyperlinkredirect.aspx' provides an unauthenticated URL redirect via the 'nhl…

Medium

CVE-2025-35060

Newforma Info Exchange (NIX) provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to u…

High

CVE-2025-35061

Newforma Info Exchange (NIX) '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker t…

Medium

CVE-2025-35062

Newforma Info Exchange (NIX) before version 2023.1 by default allows anonymous authentication which allows an unauthenti…

Medium

CVE-2025-35052

Newforma Info Exchange (NIX) uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values…

Medium

CVE-2025-35053

Newforma Info Exchange (NIX) accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedP…