Vulnerabilities > Automationdirect > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-2003 | Unspecified vulnerability in Automationdirect products AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. | 9.1 |
| 2022-04-04 | CVE-2021-32980 | Improper Authentication vulnerability in Automationdirect products Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. | 9.8 |
| 2022-04-04 | CVE-2021-32984 | Improper Authentication vulnerability in Automationdirect products All programming connections receive the same unlocked privileges, which can result in a privilege escalation. | 9.8 |
| 2022-04-04 | CVE-2021-32986 | Incorrect Authorization vulnerability in Automationdirect products After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. | 9.8 |
| 2020-07-23 | CVE-2020-10921 | Unspecified vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to issue commands on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 9.8 |
| 2020-07-23 | CVE-2020-10920 | Unspecified vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52 This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. | 9.8 |
| 2020-02-05 | CVE-2020-6969 | Insufficiently Protected Credentials vulnerability in Automationdirect products It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations. | 9.8 |