1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: AutomationDirect
- Equipment: Productivity Suite
- Vulnerabilities: Relative Path Traversal, Weak Password Recovery Mechanism for Forgotten Password, Incorrect Permission Assignment for Critical Resource, Binding to an Unrestricted IP Address
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could enable an attacker to execute arbitrary code, disclose information, gain full-control access to projects, or obtain read and write access to files.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following AutomationDirect Productivity Suite and Productivity PLC CPU versions are affected:
- Productivity Suite: V4.2.1.9 and prior
- Productivity 3000 P3-622 CPU: SW v4.4.1.19 and prior
- Productivity 3000 P3-550E CPU: SW v4.4.1.19 and prior
- Productivity 3000 P3-530 CPU: SW v4.4.1.19 and prior
- Productivity 2000 P2-622 CPU: SW v4.4.1.19 and prior
- Productivity 2000 P2-550 CPU: SW v4.4.1.19 and prior
- Productivity 1000 P1-550 CPU: SW v4.4.1.19 and prior
- Productivity 1000 P1-540 CPU: SW v4.4.1.19 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 Relative Path Traversal CWE-23
A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.2.1.8. The vulnerability allows an attacker who can tamper with a Productivity project file to execute arbitrary code on the machine where the project is opened.
CVE-2025-62498 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for
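The defensive check a project-file loader needs against the ZipSlip class described in 3.2.1, as an added example (this is not AutomationDirect's code; the archive layout and entry names are constructed for illustration):

```python
import io
import os
import zipfile

# Constructed sample archive (not a real Productivity project file): one
# legitimate entry and one whose name tries to climb out of the extraction root.
def build_sample_zip() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("project/main.prj", b"ok")
        zf.writestr("../../startup.exe", b"not ok")
    return buf.getvalue()

def is_within(root: str, target: str) -> bool:
    """True if target, after resolving '..' and symlinks, stays under root."""
    root = os.path.realpath(root)
    target = os.path.realpath(target)
    return os.path.commonpath([root, target]) == root

def check_entries(zip_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Classify archive entries before any bytes are written to disk.
    Returns (safe_names, rejected_names)."""
    safe, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            # Reject absolute paths, drive-qualified names, and anything that
            # resolves outside dest once joined to it (the ZipSlip pattern).
            candidate = os.path.join(dest, name)
            if os.path.isabs(name) or os.path.splitdrive(name)[0] or not is_within(dest, candidate):
                rejected.append(name)
            else:
                safe.append(name)
    return safe, rejected

def safe_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Refuse the whole archive if any entry escapes dest; otherwise extract.
    CPython's extractall() already strips '..' components, but many archive
    libraries do not, so the check is done explicitly and up front."""
    safe, rejected = check_entries(zip_bytes, dest)
    if rejected:
        raise ValueError(f"refusing archive: traversal entries {rejected}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest, members=safe)
    return safe
```

Rejecting the archive outright, rather than silently skipping the bad entry, is preferable for a project file: a tampered project should be treated as untrusted as a whole.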