Medium severity5.4NVD Advisory· Published May 22, 2025· Updated Jun 17, 2026
CVE-2025-3941
CVE-2025-3941
Description
Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<4.14.2, <4.15.1, <4.10.11+ 1 more
- (no CPE)range: <4.14.2, <4.15.1, <4.10.11
- (no CPE)range: 0
<4.14.2, <4.15.1, <4.10.11+ 1 more
- (no CPE)range: <4.14.2, <4.15.1, <4.10.11
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2- www.honeywell.com/us/en/product-securitynvdVendor Advisory
- docs.niagara-community.com/category/tech_bullnvdPermissions Required
News mentions
0No linked articles in our index yet.