CVE-2025-35051
CRITICALNewforma Project Center Server - Unauthenticated Remote Code Execution via .NET Deserialization
Title source: llmDescription
Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS endpoint is only accessible on an internal network. To mitigate this vulnerability, restrict network access to NPCS.
References (3)
Core 3
Core References
Third Party Advisory
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-282-01.json
Third Party Advisory, US Government Resource
https://www.cve.org/CVERecord?id=CVE-2025-35051
Scores
CVSS v3
9.8
EPSS
0.0076
EPSS Percentile
50.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-306
CWE-502
Status
published
Products (1)
newforma/project_center
2024.3
Published
Oct 09, 2025
Tracked Since
Feb 18, 2026