| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2025-54855 CVE-2025-58069 CVE-2025-59484 CVE-2025-55069 CVE-2025-58473 CVE-2025-55038 CVE-2025-57882 |
| CWE-ID | CWE-312 CWE-321 CWE-327 CWE-337 CWE-404 CWE-862 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | CLICK PLUS C2-x CPU (Hardware solutions / Firmware), CLICK PLUS C0-0x CPU (Hardware solutions / Firmware), CLICK PLUS C0-1x CPU (Hardware solutions / Firmware) |
| Vendor | AutomationDirect |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU116064
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-54855
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
Description:
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to cleartext storage of sensitive information in Click Programming Software. A local administrator can gain access to sensitive information.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must hold valid credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116065
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-58069
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
Description:
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to use of a hard-coded cryptographic key. Because the key is hard-coded, it is identical on every affected device; a remote attacker who has obtained it can read the initial messages of a new KOPS session.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116066
Risk: High
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-59484
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
Description:
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to use of a broken or risky cryptographic algorithm. A remote attacker can bypass a security feature on the system.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116067
Risk: High
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-55069
CWE-ID:
CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)
Exploit availability: No
Description:
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a predictable seed in the pseudo-random number generator used for key generation. A remote attacker who can guess the seed can reproduce the generated private keys.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
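Why a predictable PRNG seed (CWE-337, the entry above) hands the attacker the private key: if the key is derived from a PRNG seeded with a guessable value, anyone who sees the public key can replay the key generation over the candidate seeds until the public key matches. The script below is an added illustration written for this page; it is not AutomationDirect code and does not reproduce the firmware's key generation. The Diffie-Hellman group (the Mersenne prime 2**127 - 1 with generator 3), the boot-timestamp seed and the one-hour guess window are all assumptions chosen to keep the demonstration fast.

```python
import hashlib
import random
import secrets
from typing import Optional, Tuple

# Toy Diffie-Hellman group, constructed for illustration only. It is small
# enough to keep the search instant and says nothing about the real firmware.
P = (1 << 127) - 1  # Mersenne prime M127
G = 3


def weak_keypair(seed: int) -> Tuple[int, int]:
    """CWE-337 pattern: the private key comes from a PRNG seeded with a
    low-entropy value (here a hypothetical boot timestamp in seconds).
    random.Random is deterministic, so the same seed always gives the same key."""
    rng = random.Random(seed)
    private = rng.getrandbits(128) % (P - 2) + 1  # 1 <= private <= P-2
    public = pow(G, private, P)
    return private, public


def strong_keypair() -> Tuple[int, int]:
    """Fix: draw the private key from the OS CSPRNG; there is no seed to guess."""
    private = secrets.randbelow(P - 2) + 1
    public = pow(G, private, P)
    return private, public


def recover_private_key(public: int, seed_lo: int, seed_hi: int) -> Optional[int]:
    """Attacker side: given only the public key and a plausible seed window,
    replay the generator for every candidate seed until the public key matches.
    One modular exponentiation per candidate, so a window of hours or even
    days of timestamps costs almost nothing."""
    for seed in range(seed_lo, seed_hi + 1):
        candidate, cand_public = weak_keypair(seed)
        if cand_public == public:
            return candidate
    return None


def session_key(private: int, peer_public: int) -> bytes:
    """Shared DH secret hashed into a symmetric key, as a handshake would do."""
    shared = pow(peer_public, private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def demo() -> dict:
    """Constructed scenario: the device generated its key at a boot time the
    attacker can estimate to within an hour, and both public keys crossed the
    wire in the clear."""
    boot_time = 1_700_000_000  # constructed value, not taken from any log
    dev_priv, dev_pub = weak_keypair(boot_time)
    peer_priv, peer_pub = strong_keypair()  # the other endpoint is fine
    legit_key = session_key(dev_priv, peer_pub)

    # Attacker: knows dev_pub and peer_pub, guesses boot_time +/- 1 hour.
    recovered = recover_private_key(dev_pub, boot_time - 3600, boot_time + 3600)
    attacker_key = session_key(recovered, peer_pub) if recovered is not None else None

    # The same search against a CSPRNG-generated key finds nothing.
    _, strong_pub = strong_keypair()
    not_recovered = recover_private_key(strong_pub, boot_time - 3600, boot_time + 3600)

    return {
        "recovered_matches": recovered == dev_priv,
        "session_key_matches": attacker_key == legit_key,
        "strong_key_recovered": not_recovered is not None,
    }


if __name__ == "__main__":
    print(demo())
```

The point the advisory's one-liner does not convey is that the attacker never has to break the mathematics of the key exchange: recovering the private key costs one exponentiation per candidate seed, and once it is known every session key the device ever derived from that key pair falls with it. The fix is not a bigger seed window but a non-deterministic source (`secrets` here, a hardware RNG or OS CSPRNG on a device).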
EUVDB-ID: #VU116068
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-58473
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource shutdown or release. A remote attacker can send specially crafted input to the device and perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116069
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-55038
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: No
Description:
The vulnerability allows a remote authenticated user to bypass authorization checks.
The vulnerability exists due to missing authorization within the KOPR protocol. A remote authenticated user can read and modify PLC variables beyond their intended authorization level.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
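The distinction behind the missing-authorization entry above (CWE-862) is that authenticating a session is not the same as authorizing each operation it requests: a protocol handler that only asks "is this session logged in?" lets a read-only user write to outputs or system memory. The following is an added example written for this page, not AutomationDirect's KOPR implementation; the privilege levels, the variable table and its names are hypothetical and only loosely modelled on PLC memory areas.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, List, Optional


class Level(IntEnum):
    """Hypothetical privilege levels for a PLC session (constructed)."""
    NONE = 0      # connected, not authenticated
    MONITOR = 1   # read process values only
    OPERATOR = 2  # read, plus write to selected process values
    ADMIN = 3     # everything, including system/config memory


@dataclass
class Variable:
    value: int
    read_level: Level
    write_level: Level


@dataclass
class Session:
    user: str
    level: Level


class AuthorizationError(PermissionError):
    pass


def make_table() -> Dict[str, Variable]:
    """Constructed variable table; not the device's real memory map."""
    return {
        "DS1":  Variable(0, Level.MONITOR, Level.OPERATOR),  # data register
        "Y1":   Variable(0, Level.MONITOR, Level.ADMIN),     # physical output
        "SD10": Variable(0, Level.ADMIN,   Level.ADMIN),     # system memory
    }


def handle_vulnerable(table: Dict[str, Variable], session: Session,
                      op: str, name: str, value: Optional[int] = None) -> int:
    """CWE-862 pattern: authentication is checked once, after which every
    variable is readable and writable regardless of the session's level."""
    if session.level == Level.NONE:
        raise AuthorizationError("not authenticated")
    var = table[name]
    if op == "read":
        return var.value
    if op == "write":
        var.value = value
        return var.value
    raise ValueError(op)


def handle_fixed(table: Dict[str, Variable], session: Session,
                 op: str, name: str, value: Optional[int] = None,
                 audit: Optional[List[str]] = None) -> int:
    """Fix: authorize each request against the target variable's own read or
    write level (separately), and record every denial for the SOC."""
    var = table.get(name)
    if var is None:
        raise KeyError(name)
    if op == "read":
        required = var.read_level
    elif op == "write":
        required = var.write_level
    else:
        raise ValueError(op)
    if session.level < required:
        if audit is not None:
            audit.append(f"DENY user={session.user} level={session.level.name} "
                         f"op={op} var={name} required={required.name}")
        raise AuthorizationError(f"{op} on {name} requires {required.name}")
    if op == "write":
        var.value = value
    return var.value


def demo() -> dict:
    """A read-only HMI session tries to drive a physical output."""
    monitor = Session("hmi-readonly", Level.MONITOR)
    results = {}

    table = make_table()
    written = handle_vulnerable(table, monitor, "write", "Y1", 1)
    results["vuln_write_output"] = written == 1 and table["Y1"].value == 1

    table = make_table()
    audit: List[str] = []
    try:
        handle_fixed(table, monitor, "write", "Y1", 1, audit)
        results["fixed_write_output"] = "allowed"
    except AuthorizationError:
        results["fixed_write_output"] = "denied"
    results["output_unchanged"] = table["Y1"].value == 0
    results["audit_entries"] = len(audit)
    results["fixed_read_ok"] = handle_fixed(table, monitor, "read", "DS1") == 0
    return results


if __name__ == "__main__":
    print(demo())
```

The hardened handler treats read and write as separate decisions per variable rather than one session-wide gate, which is what "beyond their intended authorization level" in the advisory amounts to. On a PLC the denial log line is worth keeping: a read-only engineering or HMI account that starts attempting writes to outputs or system memory is a detection signal in its own right.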
EUVDB-ID: #VU116070
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-57882
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource shutdown or release in the Click Plus C2-03CPU-2 device. A remote attacker can send specially crafted input to the device and perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
CLICK PLUS C2-x CPU: before 3.71
CLICK PLUS C0-0x CPU: before 3.71
CLICK PLUS C0-1x CPU: before 3.71
External links:
https://www.automationdirect.com/support/software-downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.