Vulnerabilities > Automationdirect
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-04 | CVE-2021-32978 | Insufficiently Protected Credentials vulnerability in Automationdirect products The programming protocol allows for a previously entered password and lock state to be read by an attacker. | 5.0 |
| 2022-04-04 | CVE-2021-32980 | Improper Authentication vulnerability in Automationdirect products Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. | 7.5 |
| 2022-04-04 | CVE-2021-32982 | Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are sent as plaintext during unlocking and project transfers. | 5.0 |
| 2022-04-04 | CVE-2021-32984 | Improper Authentication vulnerability in Automationdirect products All programming connections receive the same unlocked privileges, which can result in a privilege escalation. | 7.5 |
| 2022-04-04 | CVE-2021-32986 | Incorrect Authorization vulnerability in Automationdirect products After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. | 9.8 |
| 2020-07-23 | CVE-2020-10922 | Improper Input Validation vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 5.0 |
| 2020-07-23 | CVE-2020-10921 | Missing Authentication for Critical Function vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to issue commands on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 7.5 |
| 2020-07-23 | CVE-2020-10920 | Missing Authentication for Critical Function vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 7.5 |
| 2020-07-23 | CVE-2020-10919 | Inadequate Encryption Strength vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 4.3 |
| 2020-07-23 | CVE-2020-10918 | Improper Authentication vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 5.0 |