Primary

Context

AutomationDirect Click Programming Software Cleartext Storage of Sensitive Information Vulnerability

Vulnerability

A vulnerability exists in AutomationDirect Click Programming Software version 3.60, allowing local users with access to the file system to steal credentials stored in clear text. This exploitation can occur while an administrator session is active.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive credentials, potentially allowing for further exploitation of user accounts or privileges.

Remediation

Users are advised to update Click Programming Software to version 3.80. If an immediate update is not possible, it is recommended to isolate the Click Plus PLC from external networks, restrict access to authorized personnel, and use endpoint protection tools to block unauthorized access attempts.

Added: Sep 23, 2025, 10:18 PM

Updated: Sep 23, 2025, 10:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AutomationDirect Click Programming Software Cleartext Storage of Sensitive Information Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating