Unrated severityNVD Advisory· Published May 22, 2025· Updated May 22, 2025

Improper Use of Validation Framework

CVE-2025-3940

Description

Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Affected products

Tridium/Niagara Frameworkllm-fuzzy
Range: before 4.14.2, before 4.15.1, before 4.10.11
Tridium/Niagara Enterprise Securityllm-fuzzy
Range: before 4.14.2, before 4.15.1, before 4.10.11
Tridium/Niagara Enterprise Securityv5
Range: 0
Tridium/Niagara Frameworkv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.niagara-community.com/category/tech_bullmitrevendor-advisory
honeywell.com/us/en/product-securitymitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000