CVE-2025-3941

Improper Handling of Windows: DATA Alternate Data Stream

Description

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

INFO

Published Date :

2025-05-22T12:38:15.750Z

Last Modified :

2025-05-22T13:52:36.314Z

Source :

Honeywell

AFFECTED PRODUCTS

The following products are affected by CVE-2025-3941 vulnerability.

Vendors	Products
Microsoft	Windows
Tridium	Niagara Niagara Enterprise Security

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-3941.

URL	Resource
https://docs.niagara-community.com/category/tech_bull
https://www.honeywell.com/us/en/product-security#security-notices

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact