Tridium Niagara

14 CVEs affecting Tridium Niagara. Latest disclosed: 2025-05-22. Critical: 1, High: 4.

Top CVEs affecting Tridium Niagara
CVESeverityScorePublishedSummary
CVE-2017-16748Critical9.82018-08-20An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disable…
CVE-2025-3937High7.72025-05-22Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Secur…
CVE-2025-3945High7.22025-05-22Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterpris…
CVE-2025-3944High7.22025-05-22Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File…
CVE-2017-16744High7.22018-08-20A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems…
CVE-2025-3938Medium6.82025-05-22Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows…
CVE-2025-3936Medium6.52025-05-22Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows all…
CVE-2025-3941Medium5.42025-05-22Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows…
CVE-2018-18985Medium5.42019-01-29Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prio…
CVE-2025-3940Medium5.32025-05-22Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux…
CVE-2025-3939Medium5.32025-05-22Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX a…
CVE-2025-3942Medium4.32025-05-22Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linu…
CVE-2020-14483Medium4.32020-08-13A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart o…
CVE-2025-3943Medium4.12025-05-22Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security o…