2025-10-09 20:22:37
cisa-cg
PUBLISHED
Newforma Info Exchange (NIX) /NPCSRemoteWeb/LegacyIntegrationServices.asmx allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account.