CVE-2025-55038 AutomationDirect CLICK PLUS Missing Authorization

An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...

PT-2025-39226

Name of the Vulnerable Software and Affected Versions Click Plus C2-03CPU2 version 3.60 Description An authorization bypass exists in the Click Plus C2-03CPU2 device firmware. An authenticated user with low-level access can exploit this issue through the KOPR protocol, used by the Remote PLC...