Primary

Context

AutomationDirect Click Plus C2-03CPU-2 Improper Resource Shutdown Vulnerability Allowing Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the AutomationDirect Click Plus C2-03CPU-2 device running firmware version 3.60. This vulnerability allows an unauthenticated attacker to exhaust all available device sessions in the Remote PLC application, causing a denial-of-service condition.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition by exhausting all available device sessions in the Remote PLC application.

Remediation

Users are advised to update the Click Plus C2-03CPU-2 device firmware to version 3.80. If the update cannot be applied immediately, it is recommended to isolate the device from external networks, restrict access to authorized personnel, and use endpoint protection tools to block unauthorized access attempts.

Added: Sep 23, 2025, 11:18 PM

Updated: Sep 23, 2025, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AutomationDirect Click Plus C2-03CPU-2 Improper Resource Shutdown Vulnerability Allowing Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating