CVE-2025-3944

HIGH Year: 2025
CVSS v3 Score
7.2
High
Weakness Type
CWE-732
View all →

Vulnerability Description

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Related Vulnerabilities

CVE-2018-1000207

HIGH
CVSS:7.2(High)

MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a fi...

CWE-7322018

CVE-2018-5342

HIGH
CVSS:7.2(High)

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.

CWE-7322018

CVE-2021-40101

HIGH
CVSS:7.2(High)

An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without a prompt for the current password.

CWE-7322021

CVE-2023-37237

HIGH
CVSS:7.2(High)

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH.

CWE-7322023

CVE-2018-0422

HIGH
CVSS:7.3(High)

A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device w...

CWE-7322018

CVE-2018-12335

HIGH
CVSS:7.3(High)

Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestric...

CWE-7322018