I
mproper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
References
| Link | Resource |
|---|---|
| https://www.honeywell.com/us/en/product-security#security-notices | Vendor Advisory |
| https://www.tridium.com/us/en/product-security | Product |
Configurations
Configuration 1 (hide)
| AND |
|
History
04 Jun 2025, 19:27
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Blackberry qnx
Blackberry Tridium niagara Enterprise Security Tridium niagara Microsoft windows Linux linux Kernel Microsoft Linux Tridium |
|
| CWE | CWE-116 | |
| References | () https://www.honeywell.com/us/en/product-security#security-notices - Vendor Advisory | |
| References | () https://www.tridium.com/us/en/product-security - Product | |
| CPE | cpe:2.3:a:tridium:niagara_enterprise_security:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.10u10:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.15:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.10u10:*:*:*:*:*:*:* cpe:2.3:o:blackberry:qnx:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara_enterprise_security:4.14u1:*:*:*:*:*:*:* cpe:2.3:a:tridium:niagara:4.14u1:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
23 May 2025, 15:55
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-05-22 13:15
Updated : 2025-06-04 19:27
NVD link : CVE-2025-3942
Mitre link : CVE-2025-3942
CVE.ORG link : CVE-2025-3942
JSON object : View
Products Affected