Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/09/25 2:54 a.m.9 views

CVE-2025-58069

The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session...

6.9CVSS6.9AI score0.00244EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/25 2:53 a.m.3 views

CVE-2025-55038

An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...

7.6CVSS6.7AI score0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/23 10:24 p.m.1 views

CVE-2025-55038 AutomationDirect CLICK PLUS Missing Authorization

An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...

7.6CVSS6.4AI score0.00237EPSS
Exploits0References2
CVE
CVE
added 2025/09/23 10:4 p.m.14 views

CVE-2025-58069

The CVE pertains to AutomationDirect CLICK PLUS firmware 3.60, where a hard-coded AES key is used to protect the initial messages of a new KOPS session. Root cause: hard-coded cryptographic key stored in the firmware. Impact: potential exposure of the cryptographic key and associated initial comm...

6.9CVSS6.6AI score0.00244EPSS
Exploits0References2
Rows per page
Query Builder