CVE-2025-35051CRITICAL 9.8EPSS p50.6%

CVE-2025-35051CVE-2025-35051

Description

Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS endpoint is only accessible on an internal network. To mitigate this vulnerability, restrict network access to NPCS.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.77% probability of exploitation · percentile 50.6% · 2026-06-18T12:00:27Z
Published2025-10-09
Last modified2026-04-26

Underlying weaknesses· 2

CWE-306CWE-502

References

  1. https://projectcenter.help.newforma.com/overviews/info_exchange_overview/
  2. https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-282-01.json
  3. https://www.cve.org/CVERecord?id=CVE-2025-35051

2

TypeTargetConfidenceTier
WeaknessMissing Authentication for Critical Functioncwe-3060%live
WeaknessDeserialization of Untrusted Datacwe-5020%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-35050
CVE
CVE-2025-31351
CVE
CVE-2025-59237
CVE
CVE-2025-32825
CVE
CVE-2025-34394
CVE
CVE-2025-11367
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.