Primary

Context

Tridium Niagara Framework and Enterprise Security Incorrect Permission Assignment Vulnerability

Vulnerability

Patched

A vulnerability exists in the Tridium Niagara Framework and Niagara Enterprise Security on Windows, prior to versions 4.14.2, 4.15.1, and 4.10.11. This vulnerability involves incorrect permission assignments that can be exploited to bypass access control security levels, potentially leading to unauthorized access or actions within the application.

Impact

Exploitation of this vulnerability could allow for unauthorized access or actions by exploiting incorrectly configured access control security levels.

Remediation

Users are advised to upgrade to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tridium Niagara Framework and Enterprise Security Incorrect Permission Assignment Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Tridium Niagara Framework

Tridium Niagara Enterprise Security

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating