Vulnerability Details CVE-2025-3944
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2025-3944
-
cpe:2.3:a:tridium:niagara:4.10u10
-
cpe:2.3:a:tridium:niagara:4.14u1
-
cpe:2.3:a:tridium:niagara:4.15
-
cpe:2.3:a:tridium:niagara_enterprise_security:4.10u10
-
cpe:2.3:a:tridium:niagara_enterprise_security:4.14u1
-
cpe:2.3:a:tridium:niagara_enterprise_security:4.15
-
cpe:2.3:o:blackberry:qnx:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-