tridium
ICS / OT / IoTcommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting tridium.
- CVE-2025-3945Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’)7.2
- CVE-2025-3944Incorrect Permission Assignment for Critical Resource7.2
- CVE-2025-3943Use of GET Request Method With sensitive Query Strings4.1
- CVE-2025-3942Improper Output Neutralization for Logs4.3
- CVE-2025-3941Improper Handling of Windows: DATA Alternate Data Stream5.4
- CVE-2025-3940Improper Use of Validation Framework5.3
- CVE-2025-3939Observable Response Discrepancy5.3
- CVE-2025-3938Missing Cryptographic Step6.8
- CVE-2025-3937Use of Password Hash with Insufficient Computational Effort7.7
- CVE-2025-3936Incorrect Permission Assignment for Critical Resource6.5
- CVE-2020-14483A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109...4.3
- CVE-2019-13528A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 (JACE 3e, JACE 6e, JACE 7, JACE-8000), Niagara 4.4u3 (JACE 3e, JACE 6e, JACE 7, JACE-8000), ...4.4
- CVE-2018-18985Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all...5.4
- CVE-2017-16748An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disabled account name and a blank password, g...9.8
- CVE-2017-16744A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid ...7.2