CVE-2017-16744

EPSS 6.2%CWE-22

A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials.

Affected products

ICS-CERT · Niagara AX Framework and Niagara 4 Framework

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-191-03 https://ics-cert.us-cert.gov/advisories/ICSA-19-022-01 http://www.securityfocus.com/bid/105101