ICSA-18-191-03 · Published 2018-08-16 · View on CISA ICS-CERT ↗

Tridium Niagara

CVSS 7.4 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete sensitive files to gain administrator privileges on the Niagara system.

CVEs (2)

CVE-2017-16744 CVE-2017-16748

Remediations

Niagara AX v3.8: Apply Update 4 release (3.8.401)
Niagara 4 Framework v4.4: Apply Update 1 release (4.4.92.2.1)

Affected Vendors

Tridium

Affected Products (2)

Tridium · Niagara 4 Framework <= 4.4

Tridium · Niagara AX Framework <= 3.8

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more