CVE-2025-3936

Incorrect Permission Assignment for Critical Resource

Description

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

INFO

Published Date :

2025-05-22T12:20:42.337Z

Last Modified :

2025-05-22T17:29:38.532Z

Source :

Honeywell

AFFECTED PRODUCTS

The following products are affected by CVE-2025-3936 vulnerability.

Vendors	Products
Microsoft	Windows
Tridium	Niagara Niagara Enterprise Security

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-3936.

URL	Resource
https://docs.niagara-community.com/category/tech_bull
https://www.honeywell.com/us/en/product-security#security-notices

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact