CVE-2025-35053
BaseFortify
Publication date: 2025-10-09
Last updated on: 2025-10-22
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| newforma | project_center | to 2024.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Newforma Info Exchange (NIX) allows an authenticated user to send requests to a specific endpoint ('/UserWeb/Common/MarkupServices.ashx') with the 'DownloadExportedPDF' command, enabling them to read and delete arbitrary files on the system with 'NT AUTHORITY\NetworkService' privileges. This means that an authenticated user can access and remove files they should not normally be able to, potentially compromising system integrity.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an authenticated user to read and delete arbitrary files with elevated privileges ('NT AUTHORITY\NetworkService'). This can lead to unauthorized data access, data loss, or disruption of services due to deletion of critical files, potentially compromising the confidentiality and availability of your system's data.