CVE-2025-35058

Publication date

2025-10-09 20:21:43

Family

cisa-cg

State

PUBLISHED

Description

Newforma Info Exchange (NIX) /UserWeb/Common/MarkupServices.ashx allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account.