These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-67652 is a medium-severity credential exposure issue in AutomationDirect CLICK Programmable Logic Controller environments. According to CISA’s advisory, an attacker who can access the project file may recover exposed credentials and use them to impersonate users, escalate privileges, or gain unauthorized access to systems and services. AutomationDirect recommends updating CLICK PLUS firmware to V [truncated]
CVE-2025-25051 is a medium-severity industrial control systems issue affecting AutomationDirect CLICK Programmable Logic Controller products. According to the CISA advisory, an attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially reach network resources for lateral movement. The published CVSS 3.1 vector indicates local access with low privileges and no user inte [truncated]
CISA published advisory ICSA-25-296-01 on 2025-10-23 for CVE-2025-62688 in AutomationDirect Productivity Suite. The issue is an incorrect permission assignment in version 4.4.1.19 that can allow a low-privileged attacker to change their role and gain full control access to the project. AutomationDirect’s published remediation is to update Productivity Suite to 4.5.0.x or higher, and to apply OT network ha [truncated]
CVE-2025-62498 is a high-severity ZipSlip-style relative path traversal issue in AutomationDirect Productivity Suite version 4.4.1.19. According to CISA’s advisory, an attacker who can tamper with a productivity project may be able to execute arbitrary code on the machine where the project is opened. The primary remediation is to move to Productivity Suite 4.5.0.x or higher and apply vendor guidance for c [truncated]
CVE-2025-61977 is a high-severity weakness in AutomationDirect Productivity Suite version 4.4.1.19. CISA describes it as a weak password recovery mechanism for forgotten passwords that can allow an attacker to decrypt an encrypted project by answering a single recovery question. The advisory was published on 2025-10-23, and the enrichment data does not list this CVE in the CISA KEV catalog.
CVE-2025-61934 is a critical AutomationDirect Productivity Suite issue disclosed on 2025-10-23. According to the CISA/AutomationDirect advisory, version 4.4.1.19 can bind to an unrestricted IP address, allowing an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine. CISA rates the issue 10.0 (CV [truncated]
CVE-2025-60023 is a medium-severity issue in AutomationDirect Productivity Suite version 4.4.1.19. CISA reports that a relative path traversal vulnerability can let an unauthenticated remote attacker interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine. The vendor advises upgrading Productivity Suite to version 4.5.0.x or later, and isolating PLC syste [truncated]
CVE-2025-59776 is a relative path traversal vulnerability in AutomationDirect Productivity Suite version 4.4.1.19. According to the CISA CSAF advisory, an unauthenticated remote attacker may interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine. AutomationDirect advises updating Productivity Suite to version 4.5.0.x or later and applying additional netw [truncated]
CVE-2025-58429 is a high-severity issue in AutomationDirect Productivity Suite version 4.4.1.19. According to the CISA CSAF advisory published on 2025-10-23, a relative path traversal vulnerability may allow an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine. AutomationDirect recommends upgrading Productivity Suite to [truncated]
CVE-2025-58078 is a high-severity issue in AutomationDirect Productivity Suite 4.4.1.19. CISA’s advisory says an unauthenticated remote attacker can use a relative path traversal weakness to interact with the ProductivityService PLC simulator and write arbitrary data files on the target machine. AutomationDirect’s stated fix is to upgrade Productivity Suite to 4.5.0.x or later, and to apply PLC firmware u [truncated]
CVE-2025-59484 affects AutomationDirect CLICK PLUS PLC firmware, where firmware version 3.60 uses an insecure implementation of RSA. CISA published the advisory on 2025-09-23 with a CVSS score of 8.3 (High). The vendor recommends upgrading to firmware V3.80; until then, limit exposure and apply defensive controls appropriate for industrial control environments.
CVE-2025-58473 is a medium-severity denial-of-service issue affecting AutomationDirect CLICK PLUS firmware 3.60 on the C2-03CPU-2 device. According to the CISA CSAF advisory published on 2025-09-23, an unauthenticated attacker can exhaust available Click Programming Software device sessions, disrupting availability. AutomationDirect recommends updating to firmware V3.80 and using compensating controls unt [truncated]
CISA published ICSA-25-266-01 on 2025-09-23 for CVE-2025-58069. The advisory says AutomationDirect CLICK PLUS PLC firmware version 3.60 contains a hard-coded AES key used to protect the initial messages of a new KOPS session. AutomationDirect recommends updating affected CLICK PLUS CPU firmware lines to V3.80 and, until that can be done, applying compensating controls such as network isolation, trusted in [truncated]
CVE-2025-55069 is a high-severity issue in AutomationDirect CLICK PLUS PLC firmware version 3.60. CISA’s advisory says the device uses a predictable seed for its pseudo-random number generator, which can compromise the security of generated private keys. The vendor recommends upgrading to firmware V3.80 and applying compensating controls if immediate patching is not possible. CISA published the advisory o [truncated]
CVE-2025-54855 is a medium-severity credential exposure issue in AutomationDirect CLICK PLUS. CISA’s advisory states that Click Programming Software v3.60 can store sensitive information in clear text, allowing a local user with file-system access to steal credentials while an administrator session is active. AutomationDirect recommends updating CLICK PLUS and related firmware to V3.80.