CVE-2025-3936

Medium CVSS: 6.5

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Vendor

Tridium

Product

Niagara

CWE

CWE-732

Yayın Tarihi

2025-05-22 13:15:56

Güncelleme

2025-06-04 19:53:35

Source Identifier

psirt@honeywell.com

KEV Date Added

Kategoriler

CWE-732 Niagara MEDIUM Tridium 2025

Referanslar

https://docs.niagara-community.com/category/tech_bull https://www.honeywell.com/us/en/product-security#security-notices

Benzer Kayıtlar

Medium

CVE-2025-3941

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium…

Medium

CVE-2025-3942

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niaga…

Medium

CVE-2025-3943

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX…

High

CVE-2025-3944

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara…

High

CVE-2025-3945

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Fram…

High

CVE-2025-3937

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux…