255 matches found
CVE-2025-25051 AutomationDirect CLICK Programmable Logic Controller Plaintext Storage of a Password
An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks...
CVE-2025-25051 AutomationDirect CLICK Programmable Logic Controller Plaintext Storage of a Password
An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks...
CVE-2025-25051
CVE-2025-25051 pertains to AutomationDirect CLICK PLC, where the vulnerability arises from plaintext storage of a password in the project file. An attacker with access to the project file could decrypt credentials, impersonate legitimate users or devices, and potentially access network resources ...
CVE-2025-67652 AutomationDirect CLICK Programmable Logic Controller Weak Encoding for Password
An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. The absence of robust encryption or secure handling mechanisms increases the likelihood of this type of exploitation, leavi...
CVE-2025-67652
CVE-2025-67652 affects AutomationDirect CLICK PLC (project file handling) with weak password encoding in the addressed project file. Root cause: insufficient encryption/secure storage of credentials, enabling an attacker with local access to the project file to impersonate users, escalate privile...
AutomationDirect CLICK Programmable Logic Controller security vulnerability
The AutomationDirect CLICK Programmable Logic Controller is a programmable logic controller developed by the AutomationDirect company in the United States. The AutomationDirect CLICK Programmable Logic Controller has a security vulnerability. This vulnerability allows attackers to decrypt sensiti...
AutomationDirect CLICK Programmable Logic Controller security vulnerability
The AutomationDirect CLICK Programmable Logic Controller is a programmable logic controller developed by the AutomationDirect company in the United States. The AutomationDirect CLICK Programmable Logic Controller has a security vulnerability. This vulnerability stems from the exposure of...
CVE-2025-62688
CVE-2025-62688 concerns Productivity Suite software v4.4.1.19, where an incorrect permission assignment for a critical resource enables a user with low-privileged credentials to change their role and gain full control access to the project. The Red Hat, NVD, and other feeds corroborate the same d...
CVE-2025-62688 AutomationDirect Productivity Suite Incorrect Permission Assignment for Critical Resource
An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-296-01 AutomationDirect Productivity Suite ICSA-25-296-02 ASKI Energy ALS-Mini-S8 and ALS-Mini-S4...
AutomationDirect Productivity Suite
RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute arbitrary code, disclose information, gain full-control access to projects, or obtain read and write access to files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which stems from a relative path traversal vulnerability that could allow an...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which originates from a relative path traversal that can be performed by a remote attack...
AutomationDirect Productivity Suite 授权问题漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect. An authorization issue vulnerability exists in AutomationDirect Productivity Suite version v4.4.1.19, which stems from a weak password recovery mechanism that allows an attacker to...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which originates from a remote attacker who can perform relative path traversal via the...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which stems from a relative path traversal vulnerability that could allow an...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which stems from a relative path traversal vulnerability that could lead to the executio...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version v4.4.1.19, which originates from a binding to an unrestricted IP address and could allow an...
EUVD-2017-5535
Malware in sbrugna...
EUVD-2022-34744
Malicious code in bioql PyPI...