Multiple vulnerabilities in Tridium Niagara
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-16744 CVE-2017-16748 |
| CWE-ID | CWE-22 CWE-287 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Niagara 4 Framework Universal components / Libraries / Scripting languages Niagara AX Framework Universal components / Libraries / Scripting languages |
| Vendor | Tridium |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU14442
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16744
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote administrative attacker to cause DoS condition on the target system.
The vulnerability exists on Microsoft Windows Systems due to path traversal. A remote attacker can leverage valid platform (administrator) credentials and cause the service to crash or possibly execute arbitrary code.
MitigationUpdate Niagara 4 Framework to version 4.4.92.2.1.
Update Niagara AX Framework to version 3.8.401.
Niagara 4 Framework: before 4.4.92.2.1
Niagara AX Framework: before 3.8.401
CPE2.3- cpe:2.3:a:tridium:niagara_4_framework:*:*:*:*:*:*:*:*
- cpe:2.3:a:tridium:niagara_ax_framework:*:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/ICSA-18-191-03
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper authentication
EUVDB-ID: #VU14443
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-16748
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a local unauthenticated attacker to bypass authentication on the target system.
The vulnerability exists on Microsoft Windows Systems due to improper authentication. A local attacker can use a disabled account name and a blank password, log into the local Niagara platform and gain administrator access to the Niagara system.
MitigationUpdate Niagara 4 Framework to version 4.4.92.2.1.
Update Niagara AX Framework to version 3.8.401.
Niagara 4 Framework: before 4.4.92.2.1
Niagara AX Framework: before 3.8.401
CPE2.3- cpe:2.3:a:tridium:niagara_4_framework:*:*:*:*:*:*:*:*
- cpe:2.3:a:tridium:niagara_ax_framework:*:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/ICSA-18-191-03
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
