Newforma Info Exchange NTLMv2 Authentication Bypass Vulnerability via LegacyIntegrationServices

Vulnerability

A vulnerability in Newforma Info Exchange (NIX) has been identified, specifically in the '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' endpoint. This vulnerability allows remote, unauthenticated attackers to manipulate NIX into establishing an SMB connection with an attacker-controlled system. Consequently, the attacker can intercept the NTLMv2 hash of the user-configured NIX service account.

Impact

Exploitation of this vulnerability leads to an unauthorized capture of NTLMv2 authentication hashes, which can be used in pass-the-hash attacks or to impersonate the service account.

Added: Oct 9, 2025, 9:28 PM

Updated: Oct 9, 2025, 9:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Newforma Info Exchange NTLMv2 Authentication Bypass Vulnerability via LegacyIntegrationServices

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating