HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2025-3945

CVSS 7.2v3.1pub. 2025-05-22upd. 2025-06-05

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows Command Delimiters. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Β Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Blackberry Qnx

    OS
    Blackberry
    wszystkie wersje
  • Tridium Niagara

    APP
    Tridium
    4.10u104.14u14.15
  • Tridium Niagara Enterprise Security

    APP
    Tridium
    4.10u104.14u14.15
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2017-16748CRITICAL9.8ten sam produkt

An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 ...

CVE-2025-3937HIGH7.7ten sam produkt

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Wind...

CVE-2025-3944HIGH7.2ten sam produkt

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridi...

CVE-2017-16744HIGH7.2ten sam produkt

A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4...

CVE-2025-3936MEDIUM6.5ten sam produkt

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, T...

CVE-2025-3945 β€” Blackberry β€” Qnx β€” HIGH β€” CVSS 7.2 | CVEbaza.pl