CVE-2025-3945
HIGHDescription
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows Command Delimiters. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.
Is your site exposed to CVE-2025-3945?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| tridium | niagara |
| tridium | niagara |
| tridium | niagara |
| tridium | niagara_enterprise_security |
| tridium | niagara_enterprise_security |
| tridium | niagara_enterprise_security |
| blackberry | qnx |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2025-3945? +
How severe is CVE-2025-3945? +
What products are affected by CVE-2025-3945? +
How do I check if I'm vulnerable to CVE-2025-3945? +
Related Vulnerabilities
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A …
Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of `escapeshellcmd()` in `/components/codegit/traits/execute.php` allows …
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations …
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in CRESTRON TOUCHSCREENS x70 allows Argument Injection.This issue affects …
XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or MSVC), the command …
Easywall 0.3.1 allows authenticated remote command execution via a command injection vulnerability in the /ports-save endpoint that suffers from a …