Risk Summary
Successful exploitation of these vulnerabilities could allow a local user to escalate their privileges.
CVEs (2)
Remediations
- Niagara AX 3.8u4: OS Dist: 2.7.402.2
- Niagara AX 3.8u4: NRE Config Dist: 3.8.401.1
- Niagara 4.4u3: OS Dist: 4.4.73.38.1
- Niagara 4.4u3: NRE Config Dist: 4.4.94.14.1
- Niagara 4.7u1: OS Dist: (JACE 8000) 4.7.109.16.1
- Niagara 4.7u1: OS Dist (Edge 10): 4.7.109.18.1
- Niagara 4.7u1: NRE Config Dist: 4.7.110.32.1
- Updates are available by contacting the sales support channel or by contacting the Tridium support team at [email protected]
- All Tridium Niagara users for all supported platforms are encouraged to update their systems with these releases to mitigate risk. For further guidance please contact a Tridium account manager or Customer Support.
- Review and validate the list of authorized users who can authenticate to Niagara.
- Allow only trained and trusted persons to have physical access to the system, including devices with connection to the system through the Ethernet port.
- If remote connections to the network are required, consider using a VPN or other means to ensure secure remote connections into the network.
- For more information please refer to: Security Bulletin# SB 2019-Tridium-3
- For more information please refer to: BlackBerry's Security Advisory QNX-2019-001
Affected Vendors
Tridium
Affected Products (3)
- Tridium Niagara 4.7u1 (JACE-8000, Edge 10)
- Tridium Niagara 4.4u3 (JACE 3e, JACE 6e, JACE 7, JACE-8000)
- Tridium Niagara AX 3.8u4 (JACE 3e, JACE 6e, JACE 7, JACE-8000)
Affected Sectors
Commercial Facilities, Critical Manufacturing, Government Facilities, Information Technology