Security Advisory

CVE-2025-35061

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-09 20:22:37
Last updated 2025-10-10 19:25:07
Assigner cisa-cg
State PUBLISHED

Description

Newforma Info Exchange (NIX) /NPCSRemoteWeb/LegacyIntegrationServices.asmx allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account.