ГлавнаяУязвимости → CVE-2025-3937
7.7высокая

CVE-2025-3937

Описание

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Затрагиваемое ПО
Tridium NiagaraTridium Niagara enterprise securityBlackberry QnxLinux Linux kernelMicrosoft Windows
CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Источники
https://docs.niagara-community.com/category/tech_bullhttps://www.honeywell.com/us/en/product-security#security-notices