CVE-2025-59484
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-23

Last updated on: 2025-09-24

Assigner: ICS-CERT

Description
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-23
Last Modified
2025-09-24
Generated
2026-06-16
AI Q&A
2025-09-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-59484
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
automationdirect click_plus_plc 3.60
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the use of a broken or risky cryptographic algorithm in firmware version 3.60 of the Click Plus PLC. Specifically, the software uses an insecure implementation of the RSA encryption algorithm, which can compromise the security of encrypted data.

Impact Analysis

The insecure RSA implementation can lead to unauthorized disclosure, modification, or disruption of data and system operations. This can result in a high impact on confidentiality and integrity, and a low impact on availability, potentially allowing attackers to compromise sensitive information or disrupt device functionality.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59484. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart