← volver
CVE-2025-59484

AutomationDirect CLICK PLUS Use of a Broken or Risky Cryptographic Algorithm

CVSS 8.7 HIGHEPSS 0.1%CWE-327
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
Productos afectados
AutomationDirect · CLICK PLUS C0-0x CPU firmwareAutomationDirect · CLICK PLUS C0-1x CPU firmwareAutomationDirect · CLICK PLUS C2-x CPU firmware

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.automationdirect.com/support/software-downloadshttps://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01