CNNVD-202510-3197 Information

Oct 23, 2025 cve

CNNVD ID

CNNVD-202510-3197

CVE-2025-58078

CNNVD Published: 2025-10-23

Description (Chinese)

AutomationDirect Productivity Suite是美国AutomationDirect公司的一款可编程逻辑控制器编程软件。 AutomationDirect Productivity Suite 4.4.1.19版本存在安全漏洞，该漏洞源于远程攻击者可通过ProductivityService PLC模拟器进行相对路径遍历，可能导致在目标机器上写入任意数据。

Description (English)

Automation Direct Production Suite is a programmable logical controller programming software for Automation Direct. There is a security loophole in version 4.4.1.19 of Operation Direct Production System, which stems from the fact that long-range assailants can travel in relative directions through the Production Service PLC simulator, which may lead to the inclusion of random data on the target machine.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

AutomationDirect

Published

2025-10-23

Last Modified

2026-02-24

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json https://support.automationdirect.com/docs/securityconsiderations.pdf https://www.automationdirect.com/support/software-downloads https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01

Patch

https://www.productivitysuite.com/

Share on: