Tridium Niagara Framework and Enterprise Security Improper Output Neutralization Vulnerability

Vulnerability

A vulnerability allowing input data manipulation has been identified in the Tridium Niagara Framework and Niagara Enterprise Security. The issue arises from improper output neutralization for logs and affects multiple platforms, including Windows, Linux, and QNX. It is present in versions of the Niagara Framework and Enterprise Security prior to 4.14.2, 4.15.1, and 4.10.11.

Impact

Exploitation of this vulnerability could lead to unauthorized manipulation of input data, potentially causing downstream effects depending on how the manipulated data is used within the application.

Remediation

Users are advised to upgrade to Tridium Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 0.6
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.