CVE-2012-4701
NONE EPSS 92.8%
Published Feb 15, 201313y ago · Modified Jun 16, 20262w ago
Published Feb 15, 2013 13y ago
Last Modified Jun 16, 2026 2w ago
Description
Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.
Threat Intelligence
EPSS Exploit Probability
92.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 3
References 2
- ics-cert.us-cert.gov http://ics-cert.us-cert.gov/pdf/ICSA-13-045-01.pdf
- niagara-central.com https://www.niagara-central.com/ord?portal:/dev/wiki/Niagara_AX_Security_Patch_11-Feb-2013
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.