CVE-2025-35062CRITICAL 9.8EPSS p26.8%

CVE-2025-35062CVE-2025-35062

Description

Newforma Info Exchange (NIX) before version 2023.1 by default allows anonymous authentication which allows an unauthenticated attacker to exploit additional vulnerabilities that require authentication.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.35% probability of exploitation · percentile 26.8% · 2026-06-18T12:00:27Z
Published2025-10-09
Last modified2025-10-22

Underlying weaknesses· 1

CWE-276

References

  1. https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-282-01.json
  2. https://www.cve.org/CVERecord?id=CVE-2025-35062

1

TypeTargetConfidenceTier
WeaknessIncorrect Default Permissionscwe-2760%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-35055
CVE
CVE-2025-35050
CVE
CVE-2026-23899
CVE
CVE-2025-25268
CVE
CVE-2025-1393
CVE
CVE-2025-22462
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.