CVE-2025-3940

Improper Use of Validation Framework

CVSS 5.3 MEDIUMEPSS 0.3%CWE-1173

Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Tridium · Niagara Enterprise Security Tridium · Niagara Framework

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.niagara-community.com/category/tech_bull https://honeywell.com/us/en/product-security#security-notices