PatchSiren cyber security CVE debrief
CVE-2025-58429 AutomationDirect CVE debrief
CVE-2025-58429 is a high-severity issue in AutomationDirect Productivity Suite version 4.4.1.19. According to the CISA CSAF advisory published on 2025-10-23, a relative path traversal vulnerability may allow an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine. AutomationDirect recommends upgrading Productivity Suite to 4.5.0.x or higher and, where upgrading is not possible, isolating affected PLCs and restricting network access.
- Vendor: AutomationDirect
- Product: Productivity Suite
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-10-23
- Original CVE updated: 2025-10-23
- Advisory published: 2025-10-23
- Advisory updated: 2025-10-23
Who should care
OT/ICS teams, automation engineers, and Windows workstation administrators who use AutomationDirect Productivity Suite 4.4.1.19, especially where the ProductivityService PLC simulator or connected Productivity PLCs are reachable from a network.
Technical summary
The supplied advisory describes a relative path traversal flaw affecting Productivity Suite 4.4.1.19. The issue is remotely reachable over the network, requires no authentication, and can let an attacker interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine. The provided CVSS 3.1 vector is AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H: network attack vector, high attack complexity, no privileges required, no user interaction, changed scope, no confidentiality impact, low integrity impact, and high availability impact. That is consistent with remote exposure, no privileges, and meaningful availability impact.
Defensive priority
High. Prioritize any system running Productivity Suite 4.4.1.19 that is network-reachable, because the issue is unauthenticated and can be used to delete files on the host.
Recommended defensive actions
- Upgrade Productivity Suite programming software to version 4.5.0.x or higher.
- Update the firmware of Productivity PLCs to the latest version from AutomationDirect's software downloads.
- Identify and inventory any affected installations of Productivity Suite 4.4.1.19 and related Productivity PLCs.
- If upgrading is not immediately possible, physically disconnect the PLC from external networks, including the internet and LANs.
- Use network segmentation to isolate affected PLCs from other devices and systems.
- Implement firewall rules or NAC policies to block traffic to and from affected PLCs.
- Review AutomationDirect's security considerations and apply a broader defense-in-depth approach for the automation environment.
- Contact AutomationDirect Technical Support if you need vendor guidance on remediation or compensating controls.
Evidence notes
All claims are limited to the supplied CISA CSAF record and its cited official links. The advisory was published on 2025-10-23 and the supplied record contains no KEV listing. The described impact, affected version, and remediation come directly from the advisory text and remediation fields.
Official resources
- CVE-2025-58429 CVE record (CVE.org)
- CVE-2025-58429 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed in CISA ICS advisory ICSA-25-296-01 on 2025-10-23. The supplied record does not indicate a Known Exploited Vulnerabilities listing.