Tridium Technical Bulletin: Cybersecurity Advisory affecting Niagara AX- and Niagara 4-based Systems

Cybersecurity advisory affecting Niagara AX- and Niagara 4-based systems.

Dear valued partner,

In June of 2018, Tridium incorporated a number of fixes to security vulnerabilities in Niagara AX and Niagara 4 through security update releases. Click to read the technical bulletin. Two of these vulnerabilities, which are affecting Niagara systems on Microsoft Windows platforms, were reported to the National Cybersecurity and Communications Integration Center (NCCIC). An Industrial Control Systems (ICS) Advisory has been issued.

REQUIRED ACTION
It is important that all Niagara AX and Niagara 4 customers ensure they have updated their systems to the most current version to mitigate risk. Tridium takes cybersecurity very seriously. We recognize that the security of our products is of critical importance to our customers and the Niagara Community. If you have any questions, please contact your Tridium account manager or support@tridium.com.

IMPACTED PRODUCTS
It is important to note that JACE® controllers are not affected by these vulnerabilities, but the vulnerabilities are applicable to Niagara systems running on the Microsoft Windows operating system, including Niagara AX and Niagara 4 Supervisors.

For Niagara 4, the vulnerabilities were resolved in the latest two releases:
Niagara 4.6 (4.6.96.28.4), July 2018
Niagara 4.4u1 (4.4.92.2.1), June 2018
For Niagara AX, the vulnerabilities were resolved in the latest release:
Niagara AX 3.8u4 (3.8.401), June 2018

These fixes will be incorporated into all future releases of Niagara.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

BE IN THE KNOW

Join 7,597 other subscribers