← Back to home
ICSA-13-045-01  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Tridium NiagaraAX Directory Traversal Vulnerability

CVSS 9.3 CRITICAL

CVEs (1)

Remediations

  • Tridium has developed patches for all current versions (Versions 3.5, 3.6, and 3.7) of the NiagaraAX software. Links to the patches, along with instructions on their use, can be obtained from the Tridium Security Update Web page.
  • For users of older versions of NiagaraAX software (prior to Version 3.5), Tridium recommends that users either upgrade to the newest version or take careful measures to isolate access to the Web interface from the Internet. Users are encouraged to contact Tridium for details on disabling the Web interface and for information on how to get to the most current version of NiagaraAX.

Affected Vendors

Tridium

Affected Products (1)

Tridium · Tridium NiagaraAX vers:all/*

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more