Newforma Project Center Server Code Execution Vulnerability

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A code execution vulnerability exists in Newforma Project Center...

EUVD-2025-33576

Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...

CVE-2025-35051 Newforma Project Center Server (NPCS) .NET unauthenticated deserialization

Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...

CVE-2025-35051

CVE-2025-35051 affects Newforma Project Center Server (NPCS). The vulnerability exists because NPCS accepts serialized .NET data via the “/ProjectCenter.rem” endpoint on port 9003, enabling a remote, unauthenticated attacker to execute arbitrary code with the NT AUTHORITY\NetworkService privilege...

CVE-2025-35051 Newforma Project Center Server (NPCS) .NET unauthenticated deserialization

Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...