Vulnerabilities > Automationdirect

DATE CVE VULNERABILITY TITLE RISK
2022-04-04 CVE-2021-32978 Insufficiently Protected Credentials vulnerability in Automationdirect products
The programming protocol allows for a previously entered password and lock state to be read by an attacker.
network
low complexity
automationdirect CWE-522
5.0
2022-04-04 CVE-2021-32980 Improper Authentication vulnerability in Automationdirect products
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections.
network
low complexity
automationdirect CWE-287
7.5
2022-04-04 CVE-2021-32982 Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are sent as plaintext during unlocking and project transfers.
network
low complexity
automationdirect CWE-319
5.0
2022-04-04 CVE-2021-32984 Improper Authentication vulnerability in Automationdirect products
All programming connections receive the same unlocked privileges, which can result in a privilege escalation.
network
low complexity
automationdirect CWE-287
7.5
2022-04-04 CVE-2021-32986 Incorrect Authorization vulnerability in Automationdirect products
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout.
network
low complexity
automationdirect CWE-863
critical
9.8
2020-07-23 CVE-2020-10922 Improper Input Validation vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels.
network
low complexity
automationdirect CWE-20
5.0
2020-07-23 CVE-2020-10921 Missing Authentication for Critical Function vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52
This vulnerability allows remote attackers to issue commands on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels.
network
low complexity
automationdirect CWE-306
7.5
2020-07-23 CVE-2020-10920 Missing Authentication for Critical Function vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels.
network
low complexity
automationdirect CWE-306
7.5
2020-07-23 CVE-2020-10919 Inadequate Encryption Strength vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52
This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels.
4.3
2020-07-23 CVE-2020-10918 Improper Authentication vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52
This vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels.
network
low complexity
automationdirect CWE-287
5.0