Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
References
Link | Resource |
---|---|
https://docs.niagara-community.com/category/tech_bull | Permissions Required |
https://honeywell.com/us/en/product-security#security-notices | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
04 Jun 2025, 19:28
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:tridium:niagara_enterprise_security:4.10u10:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.14u1:*:*:*:*:*:*:* cpe:2.3:o:blackberry:qnx:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.14u1:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.10u10:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
First Time |
Tridium
Tridium niagara Blackberry Microsoft Linux Microsoft windows Linux linux Kernel Tridium niagara Enterprise Security Blackberry qnx |
|
CWE | NVD-CWE-Other | |
References | () https://docs.niagara-community.com/category/tech_bull - Permissions Required | |
References | () https://honeywell.com/us/en/product-security#security-notices - Vendor Advisory |
23 May 2025, 15:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
22 May 2025, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-22 13:15
Updated : 2025-06-04 19:28
NVD link : CVE-2025-3940
Mitre link : CVE-2025-3940
CVE.ORG link : CVE-2025-3940
JSON object : View
Products Affected
tridium
- niagara
- niagara_enterprise_security
microsoft
- windows
linux
- linux_kernel
blackberry
- qnx
CWE