18 matches found
EUVD-2025-30937
Malicious code in bioql PyPI...
EUVD-2025-30934
Malicious code in bioql PyPI...
EUVD-2025-30935
Malicious code in bioql PyPI...
CVE-2025-58473
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...
CVE-2025-59484
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm...
CVE-2025-55069
A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...
CVE-2025-57882 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions in the Remote PLC...
CVE-2025-57882
CVE-2025-57882 affects the Click Plus C2-03CPU-2 device with firmware 3.60. It describes an improper resource shutdown/release that allows an unauthenticated attacker to cause a denial-of-service by exhausting all sessions in the Remote PLC application. Public documents confirm the issue and deta...
CVE-2025-55038
CVE-2025-55038 affects AutomationDirect CLICK PLUS C2-03CPU2 firmware 3.60. Through the KOPR protocol used by the Remote PLC app, authenticated users with low-level permissions can read and modify PLC variables beyond their authorization. Documents substantiate an authorization bypass with impact...
CVE-2025-55038 AutomationDirect CLICK PLUS Missing Authorization
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...
CVE-2025-58473 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...
CVE-2025-58473 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...
CVE-2025-59484
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm...
CVE-2025-59484
CVE-2025-59484 affects AutomationDirect CLICK PLUS firmware 3.60, where an insecure RSA implementation enables use of a broken cryptographic algorithm. Public sources (NVD/Red Hat CVEs, CVE list, PT Security, and CISA advisory) describe the issue and confirm the affected device (Click Plus PLC) a...
CVE-2025-58069 AutomationDirect CLICK PLUS Use of Hard-coded Cryptographic Key
The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session...
PT-2025-39224
Name of the Vulnerable Software and Affected Versions: Click Plus C2-03CPU-2 version 3.60. Description: An improper resource shutdown or release issue exists in the Click Plus C2-03CPU-2 device. An unauthenticated attacker can cause a denial-of-service by exhausting all available device sessions of...
PT-2025-39226
Name of the Vulnerable Software and Affected Versions: Click Plus C2-03CPU2 version 3.60. Description: An authorization bypass exists in the Click Plus C2-03CPU2 device firmware. An authenticated user with low-level access can exploit this issue through the KOPR protocol, used by the Remote PLC...
PT-2025-39225
Name of the Vulnerable Software and Affected Versions: Click Plus PLC firmware version 3.60. Description: An issue was found in the Click Plus PLC firmware version 3.60 related to the use of a weak cryptographic algorithm. The software utilizes an insecure implementation of the RSA encryption...