AutomationDirect Click Plus PLC Use of a Broken Cryptographic Algorithm Vulnerability

Vulnerability

A vulnerability has been identified in AutomationDirect Click Plus PLC firmware version 3.60, which uses an insecure implementation of the RSA encryption algorithm. This reliance on a broken cryptographic algorithm makes the firmware potentially exploitable.

Impact

Exploitation of this vulnerability could lead to unauthorized decryption or manipulation of data, potentially allowing an attacker to interfere with the PLC's operations or communications.

Remediation

Users are advised to update the Click Plus PLC firmware to version 3.80. If an immediate update is not possible, it is recommended to isolate the PLC from external networks, restrict access to authorized personnel, and use secure internal communications. Additionally, maintain secure backups of the PLC's configurations and regularly review system logs for any suspicious activity.

Added: Sep 23, 2025, 10:17 PM
Updated: Sep 23, 2025, 10:17 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.7
remediation: 7.9
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.