CVE-2025-3940

Medium CVSS: 5.3

Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Vendor

Tridium

Product

Niagara

CWE

CWE-1173

Yayın Tarihi

2025-05-22 13:15:56

Güncelleme

2025-06-04 19:28:55

Source Identifier

psirt@honeywell.com

KEV Date Added

Kategoriler

CWE-1173 Niagara MEDIUM Tridium 2025

Referanslar

https://docs.niagara-community.com/category/tech_bull https://honeywell.com/us/en/product-security#security-notices

Benzer Kayıtlar

Medium

CVE-2025-3941

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium…

Medium

CVE-2025-3942

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niaga…

Medium

CVE-2025-3943

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX…

High

CVE-2025-3944

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara…

High

CVE-2025-3945

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Fram…

Medium

CVE-2025-3936

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Nia…