Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    30 vulnerabilities found for Productivity Suite by AutomationDirect

    CVE-2026-61378 (GCVE-0-2026-61378)

    Vulnerability from nvd – Published: 2026-07-16 20:30 – Updated: 2026-07-17 13:22
    VLAI
    Title
    AutomationDirect Productivity Suite Divide By Zero
    Summary
    A divide-by-zero vulnerability in the Productivity Suite allows a local attacker to cause a division by zero leading to a system crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-61378",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:21:50.791725Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:22:08.813Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A divide-by-zero vulnerability in the Productivity Suite allows a local \nattacker to cause a division by zero leading to a system crash."
                }
              ],
              "value": "A divide-by-zero vulnerability in the Productivity Suite allows a local \nattacker to cause a division by zero leading to a system crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-369",
                  "description": "CWE-369",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:30:30.723Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Divide By Zero",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-61378",
        "datePublished": "2026-07-16T20:30:30.723Z",
        "dateReserved": "2026-07-09T15:00:24.544Z",
        "dateUpdated": "2026-07-17T13:22:08.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-60073 (GCVE-0-2026-60073)

    Vulnerability from nvd – Published: 2026-07-16 20:22 – Updated: 2026-07-17 13:15
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Read
    Summary
    An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60073",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:15:13.008365Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:15:30.223Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds read in the Productivity Suite allows a physical \nattacker to control the length of data sent to a USB device. This can \nlead to a system crash or disclosure of kernel memory."
                }
              ],
              "value": "An out-of-bounds read in the Productivity Suite allows a physical \nattacker to control the length of data sent to a USB device. This can \nlead to a system crash or disclosure of kernel memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "PHYSICAL",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:22:36.036Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Read",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-60073",
        "datePublished": "2026-07-16T20:22:36.036Z",
        "dateReserved": "2026-07-09T15:00:24.541Z",
        "dateUpdated": "2026-07-17T13:15:30.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-57896 (GCVE-0-2026-57896)

    Vulnerability from nvd – Published: 2026-07-16 20:06 – Updated: 2026-07-17 13:16
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Read
    Summary
    An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-57896",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:16:30.492759Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:16:50.596Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This could lead to limited information disclosure or \ndisruption of the affected product."
                }
              ],
              "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This could lead to limited information disclosure or \ndisruption of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:06:50.140Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Read",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-57896",
        "datePublished": "2026-07-16T20:06:50.140Z",
        "dateReserved": "2026-07-09T15:00:24.538Z",
        "dateUpdated": "2026-07-17T13:16:50.596Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-61389 (GCVE-0-2026-61389)

    Vulnerability from nvd – Published: 2026-07-16 20:00 – Updated: 2026-07-17 13:46
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Write
    Summary
    An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-61389",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:45:43.767213Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:46:16.909Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
                }
              ],
              "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:00:55.078Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Write",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-61389",
        "datePublished": "2026-07-16T20:00:55.078Z",
        "dateReserved": "2026-07-09T15:00:24.531Z",
        "dateUpdated": "2026-07-17T13:46:16.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-60140 (GCVE-0-2026-60140)

    Vulnerability from nvd – Published: 2026-07-16 20:03 – Updated: 2026-07-17 13:45
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Read
    Summary
    An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:45:07.449182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:45:18.561Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This can lead to exposing sensitive information or \ncausing the affected product to become unstable or unavailable."
                }
              ],
              "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This can lead to exposing sensitive information or \ncausing the affected product to become unstable or unavailable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:03:14.898Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Read",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-60140",
        "datePublished": "2026-07-16T20:03:14.898Z",
        "dateReserved": "2026-07-09T15:00:24.535Z",
        "dateUpdated": "2026-07-17T13:45:18.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-60063 (GCVE-0-2026-60063)

    Vulnerability from nvd – Published: 2026-07-16 19:59 – Updated: 2026-07-17 13:25
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Write
    Summary
    An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60063",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:24:44.620879Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:25:08.344Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
                }
              ],
              "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T19:59:16.196Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Write",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-60063",
        "datePublished": "2026-07-16T19:59:16.196Z",
        "dateReserved": "2026-07-09T15:00:24.526Z",
        "dateUpdated": "2026-07-17T13:25:08.344Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-60023 (GCVE-0-2025-60023)

    Vulnerability from nvd – Published: 2025-10-23 22:21 – Updated: 2025-10-24 14:27
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-60023",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:27:05.405233Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:27:12.716Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:21:05.084Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-60023",
        "datePublished": "2025-10-23T22:21:05.084Z",
        "dateReserved": "2025-10-21T21:55:11.899Z",
        "dateUpdated": "2025-10-24T14:27:12.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-59776 (GCVE-0-2025-59776)

    Vulnerability from nvd – Published: 2025-10-23 22:17 – Updated: 2025-10-24 14:27
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:27:37.744469Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:27:46.119Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:17:23.123Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-59776",
        "datePublished": "2025-10-23T22:17:23.123Z",
        "dateReserved": "2025-10-21T21:55:11.887Z",
        "dateUpdated": "2025-10-24T14:27:46.119Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-58429 (GCVE-0-2025-58429)

    Vulnerability from nvd – Published: 2025-10-23 22:12 – Updated: 2025-10-24 14:28
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58429",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:28:23.624390Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:28:32.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:12:13.384Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-58429",
        "datePublished": "2025-10-23T22:12:13.384Z",
        "dateReserved": "2025-10-21T21:55:11.881Z",
        "dateUpdated": "2025-10-24T14:28:32.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-62688 (GCVE-0-2025-62688)

    Vulnerability from nvd – Published: 2025-10-23 21:58 – Updated: 2025-10-24 14:32
    VLAI
    Title
    AutomationDirect Productivity Suite Incorrect Permission Assignment for Critical Resource
    Summary
    An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-62688",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:32:07.318424Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:32:15.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.\u003c/span\u003e\n\n\u003c/span\u003e"
                }
              ],
              "value": "An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T21:58:16.532Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Incorrect Permission Assignment for Critical Resource",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-62688",
        "datePublished": "2025-10-23T21:58:16.532Z",
        "dateReserved": "2025-10-21T21:55:11.842Z",
        "dateUpdated": "2025-10-24T14:32:15.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-62498 (GCVE-0-2025-62498)

    Vulnerability from nvd – Published: 2025-10-23 21:46 – Updated: 2025-10-24 14:34
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-62498",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:34:28.270545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:34:34.818Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e \n\n\u003cspan style=\"background-color: rgb(252, 240, 192);\"\u003e4.4.1.19\u003c/span\u003e. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened."
                }
              ],
              "value": "A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T21:46:45.360Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-62498",
        "datePublished": "2025-10-23T21:46:45.360Z",
        "dateReserved": "2025-10-21T21:55:11.793Z",
        "dateUpdated": "2025-10-24T14:34:34.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61977 (GCVE-0-2025-61977)

    Vulnerability from nvd – Published: 2025-10-23 21:51 – Updated: 2025-10-24 14:34
    VLAI
    Title
    AutomationDirect Productivity Suite Weak Password Recovery Mechanism for Forgotten Password
    Summary
    A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61977",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:33:53.667914Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:34:02.891Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.\u003c/span\u003e\n\n \u003c/span\u003e"
                }
              ],
              "value": "A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-640",
                  "description": "CWE-640",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T21:51:56.523Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Weak Password Recovery Mechanism for Forgotten Password",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61977",
        "datePublished": "2025-10-23T21:51:56.523Z",
        "dateReserved": "2025-10-21T21:55:11.830Z",
        "dateUpdated": "2025-10-24T14:34:02.891Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61934 (GCVE-0-2025-61934)

    Vulnerability from nvd – Published: 2025-10-23 22:01 – Updated: 2025-10-24 14:31
    VLAI
    Title
    AutomationDirect Productivity Suite Binding to an Unrestricted IP Address CWE-1327
    Summary
    A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61934",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:31:36.983809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:31:43.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine\u003c/span\u003e"
                }
              ],
              "value": "A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1327",
                  "description": "CWE-1327",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:01:28.290Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Binding to an Unrestricted IP Address CWE-1327",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61934",
        "datePublished": "2025-10-23T22:01:28.290Z",
        "dateReserved": "2025-10-21T21:55:11.850Z",
        "dateUpdated": "2025-10-24T14:31:43.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-58456 (GCVE-0-2025-58456)

    Vulnerability from nvd – Published: 2025-10-23 22:05 – Updated: 2025-10-24 14:29
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58456",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:29:15.507830Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:29:21.805Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:05:14.379Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-58456",
        "datePublished": "2025-10-23T22:05:14.379Z",
        "dateReserved": "2025-10-21T21:55:11.863Z",
        "dateUpdated": "2025-10-24T14:29:21.805Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-58078 (GCVE-0-2025-58078)

    Vulnerability from nvd – Published: 2025-10-23 22:09 – Updated: 2025-10-24 14:28
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58078",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:28:48.950645Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:28:56.329Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine.\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:09:03.834Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite  Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-58078",
        "datePublished": "2025-10-23T22:09:03.834Z",
        "dateReserved": "2025-10-21T21:55:11.872Z",
        "dateUpdated": "2025-10-24T14:28:56.329Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-61378 (GCVE-0-2026-61378)

    Vulnerability from cvelistv5 – Published: 2026-07-16 20:30 – Updated: 2026-07-17 13:22
    VLAI
    Title
    AutomationDirect Productivity Suite Divide By Zero
    Summary
    A divide-by-zero vulnerability in the Productivity Suite allows a local attacker to cause a division by zero leading to a system crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-61378",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:21:50.791725Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:22:08.813Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A divide-by-zero vulnerability in the Productivity Suite allows a local \nattacker to cause a division by zero leading to a system crash."
                }
              ],
              "value": "A divide-by-zero vulnerability in the Productivity Suite allows a local \nattacker to cause a division by zero leading to a system crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-369",
                  "description": "CWE-369",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:30:30.723Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Divide By Zero",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-61378",
        "datePublished": "2026-07-16T20:30:30.723Z",
        "dateReserved": "2026-07-09T15:00:24.544Z",
        "dateUpdated": "2026-07-17T13:22:08.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-60073 (GCVE-0-2026-60073)

    Vulnerability from cvelistv5 – Published: 2026-07-16 20:22 – Updated: 2026-07-17 13:15
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Read
    Summary
    An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60073",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:15:13.008365Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:15:30.223Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds read in the Productivity Suite allows a physical \nattacker to control the length of data sent to a USB device. This can \nlead to a system crash or disclosure of kernel memory."
                }
              ],
              "value": "An out-of-bounds read in the Productivity Suite allows a physical \nattacker to control the length of data sent to a USB device. This can \nlead to a system crash or disclosure of kernel memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "PHYSICAL",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:22:36.036Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Read",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-60073",
        "datePublished": "2026-07-16T20:22:36.036Z",
        "dateReserved": "2026-07-09T15:00:24.541Z",
        "dateUpdated": "2026-07-17T13:15:30.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-57896 (GCVE-0-2026-57896)

    Vulnerability from cvelistv5 – Published: 2026-07-16 20:06 – Updated: 2026-07-17 13:16
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Read
    Summary
    An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-57896",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:16:30.492759Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:16:50.596Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This could lead to limited information disclosure or \ndisruption of the affected product."
                }
              ],
              "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This could lead to limited information disclosure or \ndisruption of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:06:50.140Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Read",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-57896",
        "datePublished": "2026-07-16T20:06:50.140Z",
        "dateReserved": "2026-07-09T15:00:24.538Z",
        "dateUpdated": "2026-07-17T13:16:50.596Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-60140 (GCVE-0-2026-60140)

    Vulnerability from cvelistv5 – Published: 2026-07-16 20:03 – Updated: 2026-07-17 13:45
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Read
    Summary
    An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:45:07.449182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:45:18.561Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This can lead to exposing sensitive information or \ncausing the affected product to become unstable or unavailable."
                }
              ],
              "value": "An out-of-bounds read vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption by sending a crafted \nIOCTL request. This can lead to exposing sensitive information or \ncausing the affected product to become unstable or unavailable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:03:14.898Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Read",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-60140",
        "datePublished": "2026-07-16T20:03:14.898Z",
        "dateReserved": "2026-07-09T15:00:24.535Z",
        "dateUpdated": "2026-07-17T13:45:18.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-61389 (GCVE-0-2026-61389)

    Vulnerability from cvelistv5 – Published: 2026-07-16 20:00 – Updated: 2026-07-17 13:46
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Write
    Summary
    An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-61389",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:45:43.767213Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:46:16.909Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
                }
              ],
              "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T20:00:55.078Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Write",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-61389",
        "datePublished": "2026-07-16T20:00:55.078Z",
        "dateReserved": "2026-07-09T15:00:24.531Z",
        "dateUpdated": "2026-07-17T13:46:16.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-60063 (GCVE-0-2026-60063)

    Vulnerability from cvelistv5 – Published: 2026-07-16 19:59 – Updated: 2026-07-17 13:25
    VLAI
    Title
    AutomationDirect Productivity Suite Out-of-bounds Write
    Summary
    An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AutomationDirect Productivity Suite Affected: 0 , ≤ v4.6.2.2 (custom)
    Unaffected: v4.7.0.47
    Create a notification for this product.
    Credits
    Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-60063",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T13:24:44.620879Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T13:25:08.344Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "v4.6.2.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "v4.7.0.47"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
                }
              ],
              "value": "An out-of-bounds write vulnerability in the Productivity Suite allows a \nlocal attacker to trigger kernel memory corruption via a crafted IOCTL \nrequest, potentially resulting in privilege escalation or system \ninstability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-16T19:59:16.196Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users update Productivity suite to \nv4.7.0.47 and above\u00a0\n https://www.automationdirect.com/support/software-downloads"
            }
          ],
          "source": {
            "advisory": "ICSA-26-197-04",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Out-of-bounds Write",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eUse only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eRestrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eConfigure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eUse antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eEnable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eMaintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\u003c/li\u003e\u003cli\u003eContinuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed.\n\n\n  *  Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.\n  *  Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n  *  Restrict both physical and logical access to authorized personnel only.\n  *  Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.\n  *  Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n  *  Enable and regularly review system logs to detect suspicious or unauthorized activity.\n  *  Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.\n  *  Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-60063",
        "datePublished": "2026-07-16T19:59:16.196Z",
        "dateReserved": "2026-07-09T15:00:24.526Z",
        "dateUpdated": "2026-07-17T13:25:08.344Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-60023 (GCVE-0-2025-60023)

    Vulnerability from cvelistv5 – Published: 2025-10-23 22:21 – Updated: 2025-10-24 14:27
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-60023",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:27:05.405233Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:27:12.716Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:21:05.084Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-60023",
        "datePublished": "2025-10-23T22:21:05.084Z",
        "dateReserved": "2025-10-21T21:55:11.899Z",
        "dateUpdated": "2025-10-24T14:27:12.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-59776 (GCVE-0-2025-59776)

    Vulnerability from cvelistv5 – Published: 2025-10-23 22:17 – Updated: 2025-10-24 14:27
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:27:37.744469Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:27:46.119Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:17:23.123Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-59776",
        "datePublished": "2025-10-23T22:17:23.123Z",
        "dateReserved": "2025-10-21T21:55:11.887Z",
        "dateUpdated": "2025-10-24T14:27:46.119Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-58429 (GCVE-0-2025-58429)

    Vulnerability from cvelistv5 – Published: 2025-10-23 22:12 – Updated: 2025-10-24 14:28
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58429",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:28:23.624390Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:28:32.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:12:13.384Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-58429",
        "datePublished": "2025-10-23T22:12:13.384Z",
        "dateReserved": "2025-10-21T21:55:11.881Z",
        "dateUpdated": "2025-10-24T14:28:32.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-58078 (GCVE-0-2025-58078)

    Vulnerability from cvelistv5 – Published: 2025-10-23 22:09 – Updated: 2025-10-24 14:28
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58078",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:28:48.950645Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:28:56.329Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine.\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:09:03.834Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite  Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-58078",
        "datePublished": "2025-10-23T22:09:03.834Z",
        "dateReserved": "2025-10-21T21:55:11.872Z",
        "dateUpdated": "2025-10-24T14:28:56.329Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-58456 (GCVE-0-2025-58456)

    Vulnerability from cvelistv5 – Published: 2025-10-23 22:05 – Updated: 2025-10-24 14:29
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-58456",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:29:15.507830Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:29:21.805Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
                }
              ],
              "value": "A relative path traversal vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19.\n\n The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:05:14.379Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-58456",
        "datePublished": "2025-10-23T22:05:14.379Z",
        "dateReserved": "2025-10-21T21:55:11.863Z",
        "dateUpdated": "2025-10-24T14:29:21.805Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61934 (GCVE-0-2025-61934)

    Vulnerability from cvelistv5 – Published: 2025-10-23 22:01 – Updated: 2025-10-24 14:31
    VLAI
    Title
    AutomationDirect Productivity Suite Binding to an Unrestricted IP Address CWE-1327
    Summary
    A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61934",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:31:36.983809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:31:43.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine\u003c/span\u003e"
                }
              ],
              "value": "A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1327",
                  "description": "CWE-1327",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T22:01:28.290Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Binding to an Unrestricted IP Address CWE-1327",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61934",
        "datePublished": "2025-10-23T22:01:28.290Z",
        "dateReserved": "2025-10-21T21:55:11.850Z",
        "dateUpdated": "2025-10-24T14:31:43.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-62688 (GCVE-0-2025-62688)

    Vulnerability from cvelistv5 – Published: 2025-10-23 21:58 – Updated: 2025-10-24 14:32
    VLAI
    Title
    AutomationDirect Productivity Suite Incorrect Permission Assignment for Critical Resource
    Summary
    An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-62688",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:32:07.318424Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:32:15.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.\u003c/span\u003e\n\n\u003c/span\u003e"
                }
              ],
              "value": "An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:L/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T21:58:16.532Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Incorrect Permission Assignment for Critical Resource",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-62688",
        "datePublished": "2025-10-23T21:58:16.532Z",
        "dateReserved": "2025-10-21T21:55:11.842Z",
        "dateUpdated": "2025-10-24T14:32:15.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61977 (GCVE-0-2025-61977)

    Vulnerability from cvelistv5 – Published: 2025-10-23 21:51 – Updated: 2025-10-24 14:34
    VLAI
    Title
    AutomationDirect Productivity Suite Weak Password Recovery Mechanism for Forgotten Password
    Summary
    A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61977",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:33:53.667914Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:34:02.891Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.\u003c/span\u003e\n\n \u003c/span\u003e"
                }
              ],
              "value": "A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-640",
                  "description": "CWE-640",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T21:51:56.523Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://support.automationdirect.com/docs/securityconsiderations.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Weak Password Recovery Mechanism for Forgotten Password",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61977",
        "datePublished": "2025-10-23T21:51:56.523Z",
        "dateReserved": "2025-10-21T21:55:11.830Z",
        "dateUpdated": "2025-10-24T14:34:02.891Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-62498 (GCVE-0-2025-62498)

    Vulnerability from cvelistv5 – Published: 2025-10-23 21:46 – Updated: 2025-10-24 14:34
    VLAI
    Title
    AutomationDirect Productivity Suite Relative Path Traversal
    Summary
    A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2025-10-23 16:00
    Credits
    Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-62498",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T14:34:28.270545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T14:34:34.818Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Productivity Suite",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-550E CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW V4.2.1.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 3000 P3-530 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-622 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 2000 P2-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-550 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThanOrEqual": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Productivity 1000 P1-540 CPU",
              "vendor": "AutomationDirect",
              "versions": [
                {
                  "lessThan": "SW v4.4.1.19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_suite:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-550e_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.2.1.9",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_3000_p3-530_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-622_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_2000_p2-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-550_cpu:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:automationdirect:productivity_1000_p1-540_cpu:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "sw_v4.4.1.19",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Luca Borzacchiello of Nozomi Networks reported these vulnerabilities to AutomationDirect."
            }
          ],
          "datePublic": "2025-10-23T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e \n\n\u003cspan style=\"background-color: rgb(252, 240, 192);\"\u003e4.4.1.19\u003c/span\u003e. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened."
                }
              ],
              "value": "A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version \n\n4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-23T21:46:45.360Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01"
            },
            {
              "url": "https://www.automationdirect.com/support/software-downloads"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect recommends that users do the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate the Productivity Suite programming software to version 4.5.0.x or higher.\u003c/li\u003e\u003cli\u003eUpdate the firmware of Productivity PLCs to the latest version. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.automationdirect.com/support/software-downloads\"\u003ehttps://www.automationdirect.com/support/software-downloads\u003c/a\u003e\u003c/li\u003e\u003cli\u003eAlthough automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\u003c/li\u003e\u003cli\u003eIt is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\u003c/li\u003e\u003cli\u003eAutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect recommends that users do the following:\n\n  *  Update the Productivity Suite programming software to version 4.5.0.x or higher.\n  *  Update the firmware of Productivity PLCs to the latest version.  https://www.automationdirect.com/support/software-downloads \n  *  Although automation networks and systems come equipped with built-in password protection mechanisms, this represents a fraction of the security measures needed to safeguard these systems.\n  *  It is imperative that automation control system networks integrate data protection and security measures that match, if not exceed, the robustness of conventional business computer systems.\n  *  AutomationDirect advises users of PLCs, HMI products, and SCADA systems to conduct a thorough network security analysis to ascertain the appropriate level of security necessary for their specific application."
            }
          ],
          "source": {
            "advisory": "ICSA-25-296-01",
            "discovery": "EXTERNAL"
          },
          "title": "AutomationDirect Productivity Suite Relative Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePhysically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\u003c/li\u003e\u003cli\u003eConfigure network segmentation to isolate the PLC from other devices and systems within the organization.\u003c/li\u003e\u003cli\u003eImplement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\u003c/li\u003e\u003cli\u003ePlease refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.automationdirect.com/docs/securityconsiderations.pdf\"\u003eAutomationDirect\u0027s security considerations\u003c/a\u003e\u0026nbsp;for additional information.\u003c/li\u003e\u003cli\u003eIf you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to the latest version:\n\n  *  Physically disconnect the PLC from any external networks, including the internet, local area networks (LANs), and other interconnected systems.\n  *  Configure network segmentation to isolate the PLC from other devices and systems within the organization.\n  *  Implement firewall rules or network access control (NAC) policies to block incoming and outgoing traffic to the PLC.\n  *  Please refer to  AutomationDirect\u0027s security considerations https://support.automationdirect.com/docs/securityconsiderations.pdf \u00a0for additional information.\n  *  If you have any questions regarding this issue, please contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for further assistance."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-62498",
        "datePublished": "2025-10-23T21:46:45.360Z",
        "dateReserved": "2025-10-21T21:55:11.793Z",
        "dateUpdated": "2025-10-24T14:34:34.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }