- Description
- Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
- Source
- psirt@honeywell.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
CVE-2025-3937 (CVSS:7.7, HIGH) is Awaiting Analysis. Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux..https://t.co/akaztPZlmd #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
27 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3937 Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Wi… https://t.co/9t193KLqwA
@CVEnew
22 May 2025
283 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tridium:niagara:4.10u10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0615B9FA-E837-4C21-8968-F3273718DF7D"
},
{
"criteria": "cpe:2.3:a:tridium:niagara:4.14u1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEE26A6F-876E-450D-8A5F-EF4A3EF96A13"
},
{
"criteria": "cpe:2.3:a:tridium:niagara:4.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00C6667A-9873-4A75-AB11-3427AA1E552D"
},
{
"criteria": "cpe:2.3:a:tridium:niagara_enterprise_security:4.10u10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E694C4DB-66F7-4753-81D8-9085B5E3A207"
},
{
"criteria": "cpe:2.3:a:tridium:niagara_enterprise_security:4.14u1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "506E75F5-D259-4BAC-9C1A-83C9AD54D608"
},
{
"criteria": "cpe:2.3:a:tridium:niagara_enterprise_security:4.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DF70636-5B89-4646-80F3-83C906B0EB3C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:blackberry:qnx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3642981A-848E-4DEA-A904-A83B9ED4891D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]