CVE-2025-3938

Missing Cryptographic Step

Description

Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

INFO

Published Date :

2025-05-22T12:32:01.669Z

Last Modified :

2025-05-22T14:10:21.621Z

Source :

Honeywell

AFFECTED PRODUCTS

The following products are affected by CVE-2025-3938 vulnerability.

Vendors	Products
Blackberry	Qnx
Linux	Linux Kernel
Microsoft	Windows
Tridium	Niagara Niagara Enterprise Security

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-3938.

URL	Resource
https://docs.niagara-community.com/category/tech_bull
https://www.honeywell.com/us/en/product-security#security-notices

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact