Critical Flaws in Tridium’s Niagara Framework Enable Root‑Level Takeover of Building Automation Systems

Cybersecurity researchers at Nozomi Networks Labs uncovered 13 critical vulnerabilities spanning nine CVEs in Tridium’s widely used Niagara Framework (versions 4.10u10, 4.14u1 and earlier). Flaws like improper password hashing (CVE‑2025‑3937), incorrect permissions and argument injection can be chained—especially over unencrypted Syslog—to achieve root‑level remote code execution and full system compromise. Tridium has released patches and urges immediate updates and network segmentation.

Categories

Critical Flaws in Tridium’s Niagara Framework Enable Root‑Level Takeover of Building Automation Systems

Also Read

India Emulates Electronics Success to Boost Semiconductor Manufacturing

Drone Startups Await Namo Drone Didi Scheme to Boost Revenue Amid Challenges

Indian IT Firms Significantly Reduce H-1B Dependency Amid U.S. Visa Tightening

Bending Spoons Buys Vimeo for $1.38B in All-Cash Deal, Taking It Private

Vantage Data Centers Secures $1.6B from GIC & ADIA to Expand Asia-Pacific Footprint

Thinking Machines Lab Tackles AI Inconsistency

Vantage Data Centers Raises $1.6B for Major Asia-Pacific Expansion

Why Apple Always Shows 9:41 AM in Its Product Photos

Apple Unveils iPhone Air: Thinnest iPhone Ever with Pro-Level Features

Subscribe To Our Newsletter.