AutomationDirect DirectLOGIC 安全漏洞

AutomationDirect DirectLOGIC is a programmable logic controller from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect DirectLOGIC that originates from an attack by a specially crafted serial message sent to the CPU serial port that causes the PLC to respond to the PLC...

PT-2022-3143 · Automationdirect · Automationdirect Directlogic D0-06 Series Cpus

Name of the Vulnerable Software and Affected Versions: AutomationDirect DirectLOGIC D0-06 series CPUs versions prior to 2.72 Description: The issue is related to a vulnerability that allows an attacker to access the device and make unauthorized changes by sending a specifically crafted serial...

CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC...

PT-2022-3522 · Automationdirect · C-More Ea9 Ea9-T7Cl +8

Name of the Vulnerable Software and Affected Versions: AutomationDirect DirectLOGIC versions prior to 6.73 AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73 AutomationDirect C-more EA9 EA9-T6CL-R versions prior to 6.73 AutomationDirect C-more EA9 EA9-T7CL versions prior to 6.73...

AutomationDirect DirectLOGIC with Serial Communication

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: AutomationDirect Equipment: DirectLOGIC with Serial Communication Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original...

ICSA-20-035-01_AutomationDirect C-More Touch Panels

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AutomationDirect Equipment: C-More Touch Panels EA9 Series Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

CVE-2017-14020

In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...

Information disclosure

In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...

CVE-2017-14020

CVE-2017-14020 affects AutomationDirect products including CLICK Programming Software (C0-PGMSW) <= v2.10, C-More Programming Software (EA9-PGMSW) <= v6.30, C-More Micro (EA-PGMSW) <= v4.20.01.0, Do-more Designer (DM-PGMSW) <= v2.0.3, GS Drives (GSOFT) <= v4.0.6, SL-SOFT SOLO (SL-S...

CVE-2017-14020

In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...

AutomationDirect Multiple Product DLL Hijacking Vulnerability

AutomationDirect is one of the larger PLC design and manufacturing companies in the world, with CLICK, C-More, and C-More Micro as part of the programming software, GS Drives as a configuration software, and SL-Soft SOLO as a temperature controller configuration software. Multiple product DLL...

AutomationDirect CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO (Update A)

CVSS v3 6.7 Vendor: AutomationDirect --------- Begin Update A Part 1 of 3 -------- Equipment: CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO --------- End Update A Part 1 of 3 ---------- Vulnerability: Uncontrolled Search Path Element UPDATE INFORMATION This updated...

AutomationDirect CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO, DirectSOFT (Update B)

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AutomationDirect --------- Begin Update B Part 1 of 3 -------- Equipment: CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO, DirectSOFT --------- End Update B Part 1 of 3...