CVE-2024-32499 MEDIUM

CVE-2024-32499

Vendor Newforma
Product Project Center Server
Weakness CWE-94 · Code injection
Published April 28, 2025
Last update April 28, 2025

CVSS base score

4.9/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.

Key dates

02Disclosure timeline

April 28, 2025 CVE published
April 28, 2025 Record updated