CVE-2025-59484
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-23

Last updated on: 2025-09-24

Assigner: ICS-CERT

Description
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-23
Last Modified
2025-09-24
Generated
2026-05-07
AI Q&A
2025-09-24
EPSS Evaluated
2026-05-05
NVD
CVE-2025-59484
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
automationdirect click_plus_plc 3.60
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the use of a broken or risky cryptographic algorithm in firmware version 3.60 of the Click Plus PLC. Specifically, the software uses an insecure implementation of the RSA encryption algorithm, which can compromise the security of encrypted data.


How can this vulnerability impact me? :

The insecure RSA implementation can lead to unauthorized disclosure, modification, or disruption of data and system operations. This can result in a high impact on confidentiality and integrity, and a low impact on availability, potentially allowing attackers to compromise sensitive information or disrupt device functionality.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart