Multiple vulnerabilities in Tridium Niagara



Published: 2018-08-17
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2017-16744
CVE-2017-16748
CWE-ID CWE-22
CWE-287
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Niagara 4 Framework
Universal components / Libraries / Scripting languages

Niagara AX Framework
Universal components / Libraries / Scripting languages

Vendor Tridium

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Path traversal

EUVDB-ID: #VU14442

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-16744

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote administrative attacker to cause DoS condition on the target system.

The vulnerability exists on Microsoft Windows Systems due to path traversal. A remote attacker can leverage valid platform (administrator) credentials and cause the service to crash or possibly execute arbitrary code.

Mitigation

Update Niagara 4 Framework to version 4.4.92.2.1.
Update Niagara AX Framework to version 3.8.401.

Vulnerable software versions

Niagara 4 Framework: before 4.4.92.2.1

Niagara AX Framework: before 3.8.401

External links

http://ics-cert.us-cert.gov/advisories/ICSA-18-191-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper authentication

EUVDB-ID: #VU14443

Risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-16748

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local unauthenticated attacker to bypass authentication on the target system.

The vulnerability exists on Microsoft Windows Systems due to improper authentication. A local attacker can use a disabled account name and a blank password, log into the local Niagara platform and gain administrator access to the Niagara system.

Mitigation

Update Niagara 4 Framework to version 4.4.92.2.1.
Update Niagara AX Framework to version 3.8.401.

Vulnerable software versions

Niagara 4 Framework: before 4.4.92.2.1

Niagara AX Framework: before 3.8.401

External links

http://ics-cert.us-cert.gov/advisories/ICSA-18-191-03


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###