CNNVD-202510-3199 Information
CNNVD ID
CNNVD-202510-3199
Related CVE
- CNNVD Published: 2025-10-23
Description (Chinese)
AutomationDirect Productivity Suite是美国AutomationDirect公司的一款可编程逻辑控制器编程软件。 AutomationDirect Productivity Suite 4.4.1.19版本存在安全漏洞,该漏洞源于相对路径遍历漏洞,可能导致未经验证的远程攻击者读取目标机器上的任意文件。
Description (English)
Automation Direct Production Suite is a programmable logical controller programming software for Automation Direct. There is a security loophole in version 4.4.1.19 of Automation Direct Production System, which stems from a loophole of relative paths that may lead unverified remote assailants to read random files on the target machine.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
AutomationDirect
Published
2025-10-23
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-296-01.json https://support.automationdirect.com/docs/securityconsiderations.pdf https://www.automationdirect.com/support/software-downloads https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01
Patch
https://www.productivitysuite.com/
Share on: