CVE-2025-35056 is a path traversal vulnerability (CWE-22) found in Newforma Project Center's Info Exchange (NIX) component, specifically in the '/UserWeb/Common/MarkupServices.ashx' endpoint's StreamStampImage function. This function accepts an encrypted file path parameter and returns an image representation of the specified file. An attacker with authenticated access can exploit this flaw by crafting an encrypted file path that points to arbitrary files on the server, thereby bypassing intended directory restrictions. The encryption relies on a shared, hard-coded secret key disclosed in CVE-2025-35052, which enables attackers to generate valid encrypted paths. The vulnerability is constrained by the privileges of the NIX service, typically running as 'NT AUTHORITY\NetworkService', limiting file access to what this account can read. Exploitation does not require user interaction but does require authentication, and anonymous users cannot exploit this vulnerability (per CVE-2025-35062). The vulnerability impacts confidentiality by allowing unauthorized file disclosure but does not affect integrity or availability. No patches have been linked yet, and no known exploits are reported in the wild. The CVSS v3.1 base score is 5.0, reflecting medium severity with network attack vector, low attack complexity, and privileges required but no user interaction.

For European organizations, this vulnerability poses a risk of unauthorized disclosure of sensitive files accessible to the NetworkService account on servers running Newforma Project Center. Given that Newforma Project Center is used in project management and construction industries, leaked files could include proprietary project data, architectural plans, or client information, potentially leading to intellectual property theft or regulatory compliance issues under GDPR. The medium severity and requirement for authenticated access reduce the likelihood of widespread exploitation but insider threats or compromised credentials could enable attackers to leverage this flaw. The confidentiality impact is significant in environments where sensitive data is stored on the affected systems. No direct impact on system integrity or availability is expected. Organizations with extensive use of Newforma products in Europe should assess exposure and prioritize remediation to prevent data leakage and reputational damage.

1. Apply vendor patches promptly once available to address CVE-2025-35056 and the related CVE-2025-35052 hard-coded key vulnerability. 2. Restrict access to the Newforma Project Center Info Exchange component to trusted users only, enforcing strong authentication and least privilege principles. 3. Monitor and audit access logs for unusual file access patterns indicative of exploitation attempts. 4. Rotate or invalidate any shared secret keys if possible, or implement additional encryption key management controls. 5. Employ network segmentation to isolate the Newforma servers from broader enterprise networks, limiting lateral movement. 6. Conduct regular vulnerability scans and penetration tests focusing on path traversal and file access controls. 7. Educate users on the risks of credential compromise and enforce multi-factor authentication to reduce the risk of unauthorized authenticated access.