Tridium has a mitigation in place to handle path traversal and improper authentication vulnerabilities in its Niagara platform, according to a report with NCCIC.
Successful exploitation of these remotely exploitable vulnerabilities, discovered by Johnathan Gains and Leet Cyber Security, could crash the device being accessed; a buffer overflow condition may allow remote code execution.
The following versions of Tridium Niagara suffer from the issues while running on the Microsoft Windows operating system:
• Niagara AX Framework Version 3.8 and prior
• Niagara 4 Framework Versions 4.4 and prior
In one issue, a path traversal vulnerability in Tridium Niagara AX and Niagara 4 systems installed on Microsoft Windows systems can be exploited by leveraging valid platform (administrator) credentials.
CVE-2017-16744 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.6.
In addition, an attacker can log into the local Niagara platform using a disabled account name and a blank password, granting the attacker administrator access to the Niagara system.
CVE-2017-16748 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.4.
The product sees use mainly in the critical manufacturing sector and it is deployed on a global basis.
No known public exploits specifically target these vulnerabilities. On top of that, a high skill level is needed to exploit them.
Tridium recommended the following mitigation:
• Niagara AX v3.8: Apply Update 4 release (3.8.401)
• Niagara 4 Framework v4.4: Apply Update 1 release (184.108.40.206.1)