CVE-2025-62688

An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project...

CVE-2025-58429

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine...

CVE-2025-58456

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine...

EUVD-2025-35742

A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question...

CVE-2025-58429

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine...

CVE-2025-60023

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine...

CVE-2025-60023

CVE-2025-60023 describes a relative path traversal in AutomationDirect Productivity Suite v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine. Public advisories and ref...

CVE-2025-60023 AutomationDirect Productivity Suite Relative Path Traversal

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine...

CVE-2025-62498

A relative path traversal ZipSlip vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened...

CVE-2025-61977

A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question...

CVE-2025-58429

Productivity Suite software version 4.4.1.19 contains a relative path traversal flaw that allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine. Several connected sources describe this as a ZipSlip–style v...

CVE-2025-58429 AutomationDirect Productivity Suite Relative Path Traversal

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine...

CVE-2025-58456

CVE-2025-58456 concerns AutomationDirect’s Productivity Suite, version 4.4.1.19. The Red Hat/EUVD/NVD entries and CISA advisory corroborate a relative path traversal (ZipSlip) vulnerability in ProductivityService PLC simulator, enabling an unauthenticated remote attacker to read arbitrary files o...

CVE-2025-61934 AutomationDirect Productivity Suite Binding to an Unrestricted IP Address CWE-1327

A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the...

CVE-2025-62688 AutomationDirect Productivity Suite Incorrect Permission Assignment for Critical Resource

An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project...

CVE-2025-62498

CVE-2025-62498 corresponds to a ZipSlip-style relative path traversal in AutomationDirect Productivity Suite 4.4.1.19. Multiple connected sources (Red Hat CVE entry, ENISA EUVD, CVE listing, and PT-Security) describe that an attacker who can tamper with a productivity project can cause arbitrary ...

PT-2025-43565

Name of the Vulnerable Software and Affected Versions Productivity Suite version 4.4.1.19 Description A relative path traversal ZipSlip issue exists in Productivity Suite software. This allows an attacker who can modify a productivity project to potentially execute arbitrary code on the system...

AutomationDirect Productivity Suite 安全漏洞

AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which stems from a relative path traversal vulnerability that could allow an...

AutomationDirect Productivity Suite 安全漏洞

AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which originates from a relative path traversal that can be performed by a remote attack...

AutomationDirect Productivity Suite 安全漏洞

AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which originates from a remote attacker who can perform relative path traversal via the...