I
mproper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
References
| Link | Resource |
|---|---|
| https://docs.niagara-community.com/category/tech_bull | Permissions Required |
| https://honeywell.com/us/en/product-security#security-notices | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
04 Jun 2025, 19:28
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Blackberry qnx
Blackberry Tridium niagara Enterprise Security Tridium niagara Microsoft windows Linux linux Kernel Microsoft Linux Tridium |
|
| CWE | NVD-CWE-Other | |
| CPE | cpe:2.3:a:tridium:niagara_enterprise_security:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.10u10:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.10u10:*:*:*:*:*:*:* cpe:2.3:o:blackberry:qnx:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.14u1:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.14u1:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
| References | () https://docs.niagara-community.com/category/tech_bull - Permissions Required | |
| References | () https://honeywell.com/us/en/product-security#security-notices - Vendor Advisory |
23 May 2025, 15:55
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-05-22 13:15
Updated : 2025-06-04 19:28
NVD link : CVE-2025-3940
Mitre link : CVE-2025-3940
CVE.ORG link : CVE-2025-3940
JSON object : View
Products Affected
CWE