/
Niagara QNX Patches - HAREMB-1220/1221

Niagara QNX Patches - HAREMB-1220/1221

Owned by Matthew Webb
Last updated: Aug 28, 2019

Problem:

Two vulnerabilities have been discovered in the QNX operating system images distributed by Tridium.
The first vulnerability is related to a vulnerability that could allow a less privileged process to gain read access to privileged files.
The second is related to a vulnerability in the QNX procfs service that could allow a less privileged process to gain access to a chosen process's address space.
 
The following supported platforms are impacted: 

  • Niagara AX 3.8u4 (JACE 3e, JACE 6e, JACE 7, JACE-8000)
  • Niagara 4.4u3 (JACE 3e, JACE 6e, JACE 7, JACE-8000)
  • Niagara 4.7u1 (JACE-8000, Edge 10)

 
 
NOTE: Niagara Windows and Linux Supervisor installations are not impacted.
 


Solution:

Installing the patched files for the affected versions will remedy the issue. 

Installation Instructions

Archive the files at the bottom of this article. These contains folders for Niagara Ax 3.8 update 4 (r38), Niagara 4.4 update 3 (r44) and, Niagara 4.7 update 1 (r47).


  1. Unzip the zip archive into a temporary working folder.
  2. Make sure you have the corresponding version of Niagara Workbench installed.
  3. Copy the dist files from the folder (r38, r44 or r47) for that release into:
    1. <niagara_user_home> \ sw \ inbox 


Note: <niagara_user_home> in N4 is your windows profile user folder \ Niagara4.x \<brandId> 

Example:

C:\users\myUserName\Niagara4.7\tridium\sw\inbox


Note: In Ax the niagara_user_home is the location where you installed.

Example:

C:\Niagara\Niagara-3.8.401\sw\inbox


  1. Restart the version of Workbench you are updating.
  2. Connect to the platform of the device
  3. Open the Software Manager
  4. Observe the files are no longer in the inbox of the user home
  5. Commission the device using the “Commissioning Wizard”
    1. Make sure the “install/upgrade core software from distribution files” box is checked
    2. Confirm the version number of the dists being installed
ProductQNX Patches
Niagara AX 3.8u4OS Dist: 2.7.402.2
NRE Config Dist: 3.8.401.1
Niagara 4.4u3

OS Dist: 4.4.73.38.1

NRE Config Dist: 4.4.94.14.1

Niagara 4.7u1

OS Dist: (JACE 8000) 4.7.109.16.1
OS Dist (Edge 10): 4.7.109.18.1

NRE Config Dist: 4.7.110.32.1

Related content

Eliminating multiple Host ID on a single Microsoft Windows platform
Eliminating multiple Host ID on a single Microsoft Windows platform
Technical Support
More like this
Chromium Vulnerability: Please Update Your Niagara Software
Chromium Vulnerability: Please Update Your Niagara Software
Technical Support
More like this
Vykon Security Update Releases for Niagara AX (3.8U4) and Niagara 4 (4.4U1)
Vykon Security Update Releases for Niagara AX (3.8U4) and Niagara 4 (4.4U1)
Technical Support
More like this
Insecure Niagara Version
Insecure Niagara Version
nProtex
More like this
Niagara Web Launcher is Available for Download!
Niagara Web Launcher is Available for Download!
Technical Support
More like this
Installing automateArc
Installing automateArc
automateArc
More like this