CVE-2025-3942

Medium CVSS: 4.3

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Vendor

Tridium

Product

Niagara

CWE

CWE-117

Yayın Tarihi

2025-05-22 13:15:57

Güncelleme

2025-06-04 19:27:59

Source Identifier

psirt@honeywell.com

KEV Date Added

Kategoriler

CWE-117 Niagara MEDIUM Tridium 2025

Referanslar

https://www.honeywell.com/us/en/product-security#security-notices https://www.tridium.com/us/en/product-security

Benzer Kayıtlar

Medium

CVE-2025-3941

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium…

Medium

CVE-2025-3943

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX…

High

CVE-2025-3944

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara…

High

CVE-2025-3945

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Fram…

Medium

CVE-2025-3936

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Nia…

High

CVE-2025-3937

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux…