AutomationDirect Click Plus PLC Predictable Seed in Pseudo-Random Number Generator Vulnerability

Vulnerability

A vulnerability has been identified in Click Plus PLC firmware version 3.60: the pseudo-random number generator uses a predictable seed, which compromises the security of generated private keys. Because the seed is predictable, the random values used in key generation can be reproduced, which potentially allows cryptographic operations to be manipulated.
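The weakness class described above, as an added example that is not AutomationDirect code and not part of the original advisory: key material drawn from a seeded general-purpose PRNG is fully determined by the seed, and a fleet audit that groups devices by key fingerprint surfaces the resulting repeats. The device names, seed values and function names are constructed for illustration; the advisory does not say how the firmware derives its seed.

```python
import hashlib
import random
import secrets
from collections import defaultdict

KEY_BYTES = 32

def keygen_predictable(seed: int) -> bytes:
    """Key material from a non-cryptographic PRNG; fully determined by the seed."""
    return random.Random(seed).getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")

def keygen_csprng() -> bytes:
    """Key material drawn from the operating system CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)

def fingerprint(key_material: bytes) -> str:
    """Short SHA-256 fingerprint. A real audit would hash the public key or certificate."""
    return hashlib.sha256(key_material).hexdigest()[:16]

def shared_fingerprints(inventory):
    """Map each fingerprint seen on more than one device to those devices."""
    devices_by_fp = defaultdict(list)
    for device, fp in inventory.items():
        devices_by_fp[fp].append(device)
    return {fp: sorted(d) for fp, d in devices_by_fp.items() if len(d) > 1}

# Constructed sample: the integers stand in for a low-entropy seed source
# (assumption; the advisory does not say how the firmware derives its seed).
CONSTRUCTED_SEEDS = {"plc-a": 12, "plc-b": 12, "plc-c": 13}

def build_inventory(use_csprng: bool):
    """Fingerprint one key per constructed device, using either generator."""
    return {
        device: fingerprint(keygen_csprng() if use_csprng else keygen_predictable(seed))
        for device, seed in CONSTRUCTED_SEEDS.items()
    }

if __name__ == "__main__":
    print("predictable seed:", shared_fingerprints(build_inventory(False)))
    print("OS CSPRNG:       ", shared_fingerprints(build_inventory(True)))
```

Run against an inventory of real public-key or certificate fingerprints, any non-empty result from `shared_fingerprints` marks devices whose keys should be regenerated after the firmware update.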

Impact

Exploitation of this vulnerability compromises the security of cryptographic keys, allowing for unauthorized access or manipulation of data protected by these keys.

Remediation

Users are advised to update the Click Plus PLC firmware to version 3.80. If an immediate update is not possible, it is recommended to isolate the PLC from external networks, restrict access to authorized personnel, and use secure internal communications.

Added: Sep 23, 2025, 11:18 PM
Updated: Sep 23, 2025, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.7
remediation: 7.9
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.