PT-2025-18095 · Newforma · Newforma Project Center Server
Published
1999-01-01
·
Updated
2025-10-22
·
CVE-2024-32499
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Newforma Project Center Server versions through 2023.3.0.32259
Description
The issue allows remote code execution because .NET Remoting is exposed.
Recommendations
For Newforma Project Center Server versions through 2023.3.0.32259, consider disabling .NET Remoting as a temporary workaround until a patch is available.
Restrict access to the server to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Newforma Project Center Server