ncorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
| Link | Resource |
|---|---|
| https://docs.niagara-community.com/category/tech_bull | Permissions Required |
| https://www.honeywell.com/us/en/product-security#security-notices | Vendor Advisory |
Configuration 1 (hide)
| AND |
|
04 Jun 2025, 19:53
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:tridium:niagara_enterprise_security:4.14u1:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.10u10:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.14u1:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.10u10:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
| References | () https://docs.niagara-community.com/category/tech_bull - Permissions Required | |
| References | () https://www.honeywell.com/us/en/product-security#security-notices - Vendor Advisory | |
| First Time |
Microsoft windows
Tridium Microsoft Tridium niagara Enterprise Security Tridium niagara |
23 May 2025, 15:55
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Published : 2025-05-22 13:15
Updated : 2025-06-04 19:53
NVD link : CVE-2025-3936
Mitre link : CVE-2025-3936
CVE.ORG link : CVE-2025-3936
JSON object : View
Incorrect Permission Assignment for Critical Resource