Unrated severityNVD Advisory· Published May 22, 2025· Updated May 22, 2025

Use of Password Hash with Insufficient Computational Effort

CVE-2025-3937

Description

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Affected products

Tridium/Niagara Frameworkllm-fuzzy
Range: before 4.14.2, before 4.15.1, before 4.10.11
Tridium/Niagara Enterprise Securityllm-fuzzy
Range: before 4.14.2, before 4.15.1, before 4.10.11
Tridium/Niagara Enterprise Securityv5
Range: 0
Tridium/Niagara Frameworkv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.niagara-community.com/category/tech_bullmitrevendor-advisory
www.honeywell.com/us/en/product-securitymitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000