CVE-2025-3936
published 2025-05-22CVE-2025-3936: Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows…
PriorityP358critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.37%
28.5th percentile
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tridium | niagara | — | — |
| tridium | niagara | — | — |
| tridium | niagara | — | — |
| tridium | niagara_enterprise_security | < 4.14.2 | 4.14.2 |
| tridium | niagara_enterprise_security | < 4.15.1 | 4.15.1 |
| tridium | niagara_enterprise_security | < 4.10.11 | 4.10.11 |
| tridium | niagara_enterprise_security | — | — |
| tridium | niagara_enterprise_security | — | — |
| tridium | niagara_enterprise_security | — | — |
| tridium | niagara_framework | < 4.14.2 | 4.14.2 |
| tridium | niagara_framework | < 4.15.1 | 4.15.1 |
| tridium | niagara_framework | < 4.10.11 | 4.10.11 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Johnson Controls FX Server, FX80 and FX90 (Update A)
cisa_ics·2025-12-04
Johnson Controls FX Server, FX80 and FX90 (Update A)
ICS Advisory
##
Johnson Controls FX Server, FX80 and FX90 (Update A)
Last RevisedDecember 04, 2025
Alert CodeICSA-25-219-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.4
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Johnson Controls Inc.
- Equipment: FX Server, FX80 and FX90
- Vulnerability: Dependency on Vulnerable Third-Party Component
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to compromise the device's configuration files.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Johnson Controls products are affected:
- FX80: FX 14.10.10 and prior
- FX80: FX 14.14.1 and prior
- FX90:
Citrix
Citrix Security Bulletin CTX123248
vendor_citrix·CVSS 5.8
CVE-2009-3936 [MEDIUM] Citrix Security Bulletin CTX123248
Citrix Security Bulletin CTX123248
CVE References: CVE-2009-3936, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-prr2-m2fh-3hv6: Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Wi
ghsa_unreviewed·2025-05-22
CVE-2025-3936 [MEDIUM] CWE-732 GHSA-prr2-m2fh-3hv6: Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Wi
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
Suricata
ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M3 (CVE-2014-3936)
suricata·2025-05-12·CVSS 10.0
CVE-2014-3936 [CRITICAL] ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M3 (CVE-2014-3936)
ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M3 (CVE-2014-3936)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M3 (CVE-2014-3936)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/HNAP1/"; fast_pattern; http.request_body; content:"|40 52 34|"; reference:cve,2014-3936; classtype:attempted-admin; sid:2062285; rev:1; metadata:affected_product D_Link, attack_target Networking_Equipment, created_at 2025_05_12, cve CVE_2014_3936, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag AI_Generated_Description, updated_at 2025_05_12, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public
Suricata
ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M1 (CVE-2014-3936)
suricata·2025-05-12·CVSS 10.0
CVE-2014-3936 [CRITICAL] ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M1 (CVE-2014-3936)
ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M1 (CVE-2014-3936)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M1 (CVE-2014-3936)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/HNAP1/"; fast_pattern; http.request_body; content:"|40 5c 5c|"; reference:cve,2014-3936; classtype:attempted-admin; sid:2062282; rev:1; metadata:affected_product D_Link, attack_target Networking_Equipment, created_at 2025_05_12, cve CVE_2014_3936, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag AI_Generated_Description, updated_at 2025_05_12, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public
Suricata
ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M2 (CVE-2014-3936)
suricata·2025-05-12·CVSS 10.0
CVE-2014-3936 [CRITICAL] ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M2 (CVE-2014-3936)
ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M2 (CVE-2014-3936)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT D-Link HNAP - Request Remote Buffer Overflow M2 (CVE-2014-3936)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/HNAP1/"; fast_pattern; http.request_body; content:"|40 5c ac|"; reference:cve,2014-3936; classtype:attempted-admin; sid:2062284; rev:1; metadata:affected_product D_Link, attack_target Networking_Equipment, created_at 2025_05_12, cve CVE_2014_3936, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag AI_Generated_Description, updated_at 2025_05_12, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public
No public exploits indexed.
No writeups or analysis indexed.
2025-05-22
Published