CNNVD-202510-3188 Information
CNNVD ID
CNNVD-202510-3188
Related CVE
- CNNVD Published: 2025-10-23
Description (Chinese)
AutomationDirect Productivity Suite是美国AutomationDirect公司的一款可编程逻辑控制器编程软件。 AutomationDirect Productivity Suite 4.4.1.19版本存在安全漏洞,该漏洞源于关键资源权限分配不当,可能导致低权限攻击者获得项目完全控制权限。
Description (English)
Automation Direct Production Suite is a programmable logical controller programming software for Automation Direct. There is a security loophole in version 4.4.1.19 of Automotion Direct Production System, which stems from the misallocation of critical resources authority, which may lead to the acquisition of full project control by low-authority attackers.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
AutomationDirect
Published
2025-10-23
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json https://support.automationdirect.com/docs/securityconsiderations.pdf https://www.automationdirect.com/support/software-downloads https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01
Patch
https://www.productivitysuite.com/
Share on: