CNNVD-202510-3194 Information

Oct 23, 2025 cve

CNNVD ID

CNNVD-202510-3194

CVE-2025-61934

CNNVD Published: 2025-10-23

Description (Chinese)

AutomationDirect Productivity Suite是美国AutomationDirect公司的一款可编程逻辑控制器编程软件。 AutomationDirect Productivity Suite v4.4.1.19版本存在安全漏洞，该漏洞源于绑定到不受限制的IP地址，可能导致未经身份验证的远程攻击者读取、写入或删除目标机器上的任意文件和文件夹。

Description (English)

Automation Direct Production Suite is a programmable logical controller programming software for Automation Direct. There is a security loophole in version AutomationDirect Production Suite v4.1.19, which originates from binding to an unrestricted IP address and may lead to unidentified remote assailants reading, writing or removing random files and folders on the target machine.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

AutomationDirect

Published

2025-10-23

Last Modified

2026-02-24

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json https://support.automationdirect.com/docs/securityconsiderations.pdf https://www.automationdirect.com/support/software-downloads https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01

Patch

https://www.productivitysuite.com/

Share on: