46 matches found
EUVD-2025-30937
Malicious code in bioql PyPI...
EUVD-2025-30934
Malicious code in bioql PyPI...
CVE-2025-58069
The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session...
CVE-2025-58473
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...
CVE-2025-57882
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions in the Remote PLC...
CVE-2025-59484
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm...
CVE-2025-55069
A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...
CVE-2025-58473
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...
CVE-2025-55069
A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...
CVE-2025-55038
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...
CVE-2025-57882
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions in the Remote PLC...
CVE-2025-57882 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions in the Remote PLC...
CVE-2025-57882 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions in the Remote PLC...
CVE-2025-57882
CVE-2025-57882 affects the Click Plus C2-03CPU-2 device with firmware 3.60. It describes an improper resource shutdown/release that allows an unauthenticated attacker to cause a denial-of-service by exhausting all sessions in the Remote PLC application. Public documents confirm the issue and deta...
CVE-2025-55038 AutomationDirect CLICK PLUS Missing Authorization
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...
CVE-2025-55038
CVE-2025-55038 affects AutomationDirect CLICK PLUS C2-03CPU2 firmware 3.60. Through the KOPR protocol used by the Remote PLC app, authenticated users with low-level permissions can read and modify PLC variables beyond their authorization. Documents substantiate an authorization bypass with impact...
CVE-2025-55038 AutomationDirect CLICK PLUS Missing Authorization
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...
CVE-2025-58473
CVE-2025-58473 affects the Click Plus C2-03CPU-2 device running firmware 3.60. An unauthenticated attacker can trigger a denial-of-service by exhausting all device sessions in the Click Programming Software. Connected sources confirm the vulnerability type (improper resource shutdown/release) and...
CVE-2025-58473 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...
CVE-2025-58473 AutomationDirect CLICK PLUS Improper Resource Shutdown or Release
An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click...