CVE-2025-59484

Summary

The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm.

Affected Software

VendorProductVersion RangeStatus
AutomationDirectCLICK PLUS C0-0x CPU firmware0 < v3.71affected
AutomationDirectCLICK PLUS C0-1x CPU firmware0 < v3.71affected
AutomationDirectCLICK PLUS C2-x CPU firmware0 < v3.71affected

Weaknesses

  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References