Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tridium — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting Tridium. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Tridium:Niagara FrameworkTridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4
CVE IDTitleCVSSSeverityPublished
CVE-2025-3945 Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’) — Niagara FrameworkCWE-88 7.2 High2025-05-22
CVE-2025-3944 Incorrect Permission Assignment for Critical Resource — Niagara FrameworkCWE-732 7.2 High2025-05-22
CVE-2025-3943 Use of GET Request Method With sensitive Query Strings — Niagara FrameworkCWE-598 4.1 Medium2025-05-22
CVE-2025-3942 Improper Output Neutralization for Logs — Niagara FrameworkCWE-117 4.3 Medium2025-05-22
CVE-2025-3941 Improper Handling of Windows: DATA Alternate Data Stream — Niagara FrameworkCWE-69 5.4 Medium2025-05-22
CVE-2025-3940 Improper Use of Validation Framework — Niagara FrameworkCWE-1173 5.3 Medium2025-05-22
CVE-2025-3939 Observable Response Discrepancy — Niagara FrameworkCWE-204 5.3 Medium2025-05-22
CVE-2025-3938 Missing Cryptographic Step — Niagara FrameworkCWE-325 6.8 Medium2025-05-22
CVE-2025-3937 Use of Password Hash with Insufficient Computational Effort — Niagara FrameworkCWE-916 7.7 High2025-05-22
CVE-2025-3936 Incorrect Permission Assignment for Critical Resource — Niagara FrameworkCWE-732 6.5 Medium2025-05-22
CVE-2018-18985 TRIDIUM Niagara Enterprise Security、Niagara AX和Niagara 跨站脚本漏洞 — Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4CWE-79 5.4 -2019-01-29

This page lists every published CVE security advisory associated with Tridium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.