CVE-2025-3941

Medium CVSS: 5.4

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Vendor

Tridium

Product

Niagara

CWE

CWE-69

Yayın Tarihi

2025-05-22 13:15:57

Güncelleme

2025-06-04 19:28:23

Source Identifier

psirt@honeywell.com

KEV Date Added

Kategoriler

CWE-69 Niagara MEDIUM Tridium 2025

Referanslar

https://docs.niagara-community.com/category/tech_bull https://www.honeywell.com/us/en/product-security#security-notices

Benzer Kayıtlar

Medium

CVE-2025-3942

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niaga…

Medium

CVE-2025-3943

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX…

High

CVE-2025-3944

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara…

High

CVE-2025-3945

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Fram…

Medium

CVE-2025-3936

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Nia…

High

CVE-2025-3937

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux…