CVE-2025-35059: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Newforma Project Center
Newforma Info Exchange (NIX) '/DownloadWeb/hyperlinkredirect.aspx' provides an unauthenticated URL redirect via the 'nhl' parameter.
AI Analysis
Technical Summary
CVE-2025-35059 identifies an open redirect vulnerability (CWE-601) in Newforma Project Center's Info Exchange (NIX) module, specifically in the '/DownloadWeb/hyperlinkredirect.aspx' endpoint. This vulnerability arises because the 'nhl' parameter accepts URLs without proper validation or sanitization, allowing attackers to redirect users to arbitrary external websites. The vulnerability is unauthenticated, meaning attackers do not need credentials to exploit it, but exploitation requires user interaction, such as clicking a malicious link. The CVSS 3.1 score of 4.3 reflects a medium severity level, primarily due to the potential for phishing attacks or redirecting users to malicious sites that could lead to credential theft or malware infection. The vulnerability does not impact confidentiality or availability directly but can undermine user trust and integrity of the application’s navigation. No patches or fixes have been published yet, and no known exploits are currently active in the wild. This vulnerability is particularly relevant for organizations using Newforma Project Center in project management workflows, especially in sectors like architecture, engineering, and construction where this software is commonly deployed. Attackers could leverage this vulnerability in targeted phishing campaigns to redirect users to credential harvesting or malware distribution sites, exploiting the trust users place in the legitimate Newforma domain. The lack of authentication requirement and ease of crafting malicious URLs increase the risk of exploitation, although user interaction is necessary to trigger the redirect.
Potential Impact
For European organizations, the primary impact of CVE-2025-35059 lies in social engineering and phishing attacks that use the open redirect to send users to malicious websites. This can lead to credential compromise, malware infections, or further exploitation through drive-by downloads. While the vulnerability does not directly compromise system confidentiality or availability, it can facilitate attacks that do. Organizations in sectors heavily reliant on Newforma Project Center, such as construction, engineering, and architecture firms, may face increased risk because of the software's role in project collaboration and document sharing. The reputational damage from successful phishing attacks leveraging this vulnerability could be significant, especially under stringent European data protection regulations such as GDPR. Additionally, attackers could use the open redirect to bypass security controls that rely on domain allowlisting or URL filtering, since the initial link points at the trusted Newforma host. The medium CVSS score reflects that while the vulnerability is not critical, it still poses a meaningful risk that should be addressed promptly to prevent exploitation in targeted campaigns.
Mitigation Recommendations
To mitigate CVE-2025-35059, European organizations should implement the following specific measures:
1) Monitor and restrict the use of the 'nhl' parameter by applying strict input validation and URL allowlisting at the web application or reverse proxy level to prevent redirection to untrusted domains.
2) Deploy Web Application Firewalls (WAFs) with custom rules to detect and block suspicious redirect patterns involving the vulnerable endpoint.
3) Educate users about the risks of clicking on unexpected or suspicious links, especially those appearing to originate from trusted Newforma domains.
4) Conduct regular security assessments and penetration tests focusing on URL redirect vulnerabilities within the Newforma Project Center environment.
5) Engage with Newforma for timely updates or patches and apply them as soon as they become available.
6) Implement email filtering and anti-phishing solutions to detect and quarantine phishing attempts that exploit this vulnerability.
7) Use Content Security Policy (CSP) headers to restrict where the browser can navigate or load resources from, reducing the impact of open redirects.
8) Log and analyze redirect requests to identify potential abuse patterns early.
These targeted actions go beyond generic advice by focusing on the specific vulnerable parameter and the context of Newforma Project Center deployments.
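Measures 1 and 8 above call for allowlisting the redirect target and for logging and analysing redirect requests. The Python below is an added example, not code from this advisory or from Newforma: it implements a defender-side allowlist check for a redirect parameter such as 'nhl' (rejecting the usual forms that browsers still treat as off-site, such as scheme-less '//host', backslashes, embedded userinfo and non-http schemes) and runs it over constructed access-log lines to flag requests to the redirect endpoint whose target leaves the trusted host. The trusted host name, the W3C-style log layout and every log line are assumptions made for the example.

```python
"""Added example (not from the advisory or from Newforma): allowlist check for a
redirect-target parameter such as 'nhl' on /DownloadWeb/hyperlinkredirect.aspx,
plus a scan over access-log lines that flags off-site redirect targets.
Host names, log layout and log lines are constructed for illustration.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: the application's own host(s). Anything else is off-site.
TRUSTED_HOSTS = {"nix.example-firm.test"}

REDIRECT_ENDPOINT = "/DownloadWeb/hyperlinkredirect.aspx"
REDIRECT_PARAM = "nhl"


def is_safe_redirect_target(target: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """Return True only if the (already URL-decoded) target stays on a trusted host.

    Accepted: a root-relative path ('/Projects/123') or an absolute http(s) URL
    whose host is in the allowlist. Rejected: empty values, control characters,
    backslashes (browsers normalise them to '/'), scheme-less '//host' forms,
    non-http schemes, and hosts that only look trusted because of userinfo
    ('trusted@evil') or a longer suffix ('trusted.evil').
    """
    if not target:
        return False
    t = target.strip()
    # CR/LF, tabs and NUL are never legitimate in a redirect target.
    if re.search(r"[\x00-\x1f\x7f]", t):
        return False
    if "\\" in t:
        return False
    try:
        parts = urlsplit(t)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if parts.scheme == "" and parts.netloc == "":
        # Relative reference: allow only root-relative paths, never '//host'.
        return t.startswith("/") and not t.startswith("//")
    if parts.scheme.lower() not in ("http", "https"):
        return False
    # .hostname drops userinfo and port and lower-cases the host.
    host = parts.hostname or ""
    return host in trusted_hosts


# Constructed sample lines, W3C/IIS style:
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2025-10-09 08:00:01 203.0.113.10 GET /DownloadWeb/hyperlinkredirect.aspx nhl=/Projects/1234/Documents 302
2025-10-09 08:00:07 203.0.113.11 GET /DownloadWeb/hyperlinkredirect.aspx nhl=https%3A%2F%2Fnix.example-firm.test%2FShared 302
2025-10-09 08:00:09 198.51.100.5 GET /DownloadWeb/hyperlinkredirect.aspx nhl=https%3A%2F%2Flogin.external.example%2Fsso 302
2025-10-09 08:00:12 198.51.100.5 GET /DownloadWeb/hyperlinkredirect.aspx nhl=%2F%2Fexternal.example%2F 302
2025-10-09 08:00:15 203.0.113.12 GET /DownloadWeb/other.aspx id=5 200
"""


def find_offsite_redirects(log_text: str, trusted_hosts=TRUSTED_HOSTS):
    """Return a list of (client_ip, decoded_target) for requests to the redirect
    endpoint whose target fails the allowlist check; other endpoints are ignored."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue
        _date, _time, client_ip, _method, stem, query, _status = fields[:7]
        if stem.lower() != REDIRECT_ENDPOINT.lower():
            continue
        # parse_qs percent-decodes once; keep every value in case the parameter repeats.
        for raw in parse_qs(query, keep_blank_values=True).get(REDIRECT_PARAM, []):
            if not is_safe_redirect_target(raw, trusted_hosts):
                hits.append((client_ip, raw))
    return hits


if __name__ == "__main__":
    for ip, target in find_offsite_redirects(SAMPLE_LOG):
        print(f"off-site redirect from {ip}: {target!r}")
```

The same `is_safe_redirect_target` check can run inline at a reverse proxy or WAF in front of the endpoint (answer 400 or fall back to a fixed landing page when it returns False), while `find_offsite_redirects` is the batch form for log review; the two must agree on the decoded value, which is why the validator expects its input to have been percent-decoded exactly once.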
Affected Countries
Germany, France, United Kingdom, Italy, Netherlands, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: cisa-cg
- Date Reserved: 2025-04-15T20:56:24.406Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68e81d26ba0e608b4fac9446
Added to database: 10/9/2025, 8:37:58 PM
Last enriched: 10/9/2025, 8:54:28 PM
Last updated: 10/10/2025, 7:56:14 PM
Views: 7
Related Threats
- CVE-2025-61925: CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') in withastro astro (Medium)
- CVE-2025-61927: CWE-94: Improper Control of Generation of Code ('Code Injection') in capricorn86 happy-dom (High)
- CVE-2025-11581: Missing Authorization in PowerJob (Medium)
- CVE-2025-62245: CWE-352 Cross-Site Request Forgery (CSRF) in Liferay Portal (Medium)
- CVE-2025-61505: n/a (Medium)