Primary

Context

AutomationDirect Productivity Suite Weak Password Recovery Vulnerability

Vulnerability

Patched

A vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19 and prior, allowing an attacker to decrypt an encrypted project by correctly answering just one recovery question. This issue arises from a weak password recovery mechanism for forgotten passwords.

Impact

Exploitation of this vulnerability could enable an attacker to gain unauthorized access to encrypted projects, potentially leading to arbitrary code execution, information disclosure, or unauthorized access to files and project controls.

Remediation

Users are advised to update the Productivity Suite software to version 4.5.0.x or higher. For additional guidance, consult AutomationDirect's security considerations document or contact AutomationDirect Technical Support.

Added: Oct 23, 2025, 10:20 PM

Updated: Oct 23, 2025, 10:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AutomationDirect Productivity Suite Weak Password Recovery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

AutomationDirect Productivity Suite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating