CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-35057

Newforma Info Exchange (NIX) '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.9%

CVSS Severity

CVSS v3 Score 5.3

References

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-282-01.json
https://www.cve.org/CVERecord?id=CVE-2025-35057

Products affected by CVE-2025-35057

Newforma » Project Center » Version: 2023.1

cpe:2.3:a:newforma:project_center:2023.1
Newforma » Project Center » Version: 2023.2

cpe:2.3:a:newforma:project_center:2023.2
Newforma » Project Center » Version: 2023.3.0.32259

cpe:2.3:a:newforma:project_center:2023.3.0.32259
Newforma » Project Center » Version: 2024.1

cpe:2.3:a:newforma:project_center:2024.1
Newforma » Project Center » Version: 2024.2

cpe:2.3:a:newforma:project_center:2024.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-35057

Products

Pricing

Contact Us