EUVD-2025-30937

Malicious code in bioql PyPI...

CVE-2025-58069

The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session...

CVE-2025-59484

The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm...

CVE-2025-55069

A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...

CVE-2025-55069 AutomationDirect CLICK PLUS Predictable Seed in Pseudo-Random Number Generator

A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...

CVE-2025-58069

The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session...

CVE-2025-59484

CVE-2025-59484 affects AutomationDirect CLICK PLUS firmware 3.60, where an insecure RSA implementation enables use of a broken cryptographic algorithm. Public sources (NVD/Red Hat CVEs, CVE list, PT Security, and CISA advisory) describe the issue and confirm the affected device (Click Plus PLC) a...

CVE-2025-58069

The CVE pertains to AutomationDirect CLICK PLUS firmware 3.60, where a hard-coded AES key is used to protect the initial messages of a new KOPS session. Root cause: hard-coded cryptographic key stored in the firmware. Impact: potential exposure of the cryptographic key and associated initial comm...

PT-2025-39222

Name of the Vulnerable Software and Affected Versions Click Plus PLC firmware version 3.60 Description A flaw exists in the pseudo-random number generator due to a predictable seed. This compromises the security of generated private keys. Recommendations Update to a newer firmware version that...

PT-2025-39223

Name of the Vulnerable Software and Affected Versions Click Plus PLC version 3.60 Description A hard-coded cryptographic key is present in firmware version 3.60 of the Click Plus PLC. This key, an AES key, is used to protect the initial messages of a new KOPS session. Recommendations At the momen...