cbcvebase.

Automationdirect Productivity 1000 P1-540 Cpu vulnerabilities

9 known vulnerabilities affecting automationdirect/productivity_1000_p1-540_cpu.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2025-61934P2CRITICALCVSS 10.0fixed in SW v4.4.1.192025-10-23
CVE-2025-61934 [CRITICAL] CWE-1327 CVE-2025-61934: A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine
nvd
CVE-2025-58078P3HIGHCVSS 7.5fixed in SW v4.4.1.192025-10-23
CVE-2025-58078 [HIGH] CWE-23 CVE-2025-58078: A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4. A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine.
nvd
CVE-2025-58429P3HIGHCVSS 7.5fixed in SW v4.4.1.192025-10-23
CVE-2025-58429 [HIGH] CWE-23 CVE-2025-58429: A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1. A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
nvd
CVE-2025-62498P3HIGHCVSS 8.8fixed in SW v4.4.1.192025-10-23
CVE-2025-62498 [HIGH] CWE-23 CVE-2025-62498: A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software vers A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened.
nvd
CVE-2025-58456P3MEDIUMCVSS 6.8fixed in SW v4.4.1.192025-10-23
CVE-2025-58456 [MEDIUM] CWE-23 CVE-2025-58456: A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4. A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
nvd
CVE-2025-61977P3HIGHCVSS 7.0fixed in SW v4.4.1.192025-10-23
CVE-2025-61977 [HIGH] CWE-640 CVE-2025-61977: A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivi A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.
nvd
CVE-2025-62688P4HIGHCVSS 7.1fixed in SW v4.4.1.192025-10-23
CVE-2025-62688 [HIGH] CWE-732 CVE-2025-62688: An incorrect permission assignment for a critical resource vulnerability was discovered in Productiv An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.
nvd
CVE-2025-59776P4MEDIUMCVSS 4.0fixed in SW v4.4.1.192025-10-23
CVE-2025-59776 [MEDIUM] CWE-23 CVE-2025-59776: A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1. A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
nvd
CVE-2025-60023P4MEDIUMCVSS 4.0fixed in SW v4.4.1.192025-10-23
CVE-2025-60023 [MEDIUM] CWE-23 CVE-2025-60023: A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1. A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
nvd
Automationdirect Productivity 1000 P1-540 Cpu vulnerabilities | cvebase