CVE-2025-58456
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-23

Last updated on: 2025-10-27

Assigner: ICS-CERT

Description
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-23
Last Modified
2025-10-27
Generated
2026-05-07
AI Q&A
2025-10-24
EPSS Evaluated
2026-05-05
NVD
CVE-2025-58456
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
automationdirect productivity_3000 p3-550e
automationdirect productivity_suite 4.5.0
automationdirect productivity_3000 p3-622
automationdirect productivity_1000 p1-550
automationdirect productivity_1000 p1-540
automationdirect productivity_2000 p2-622
automationdirect productivity_3000 p3-530
automationdirect productivity_2000 p2-550
automationdirect productivity_suite 4.4.1.19
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a relative path traversal issue in Productivity Suite software version 4.4.1.19. It allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine by exploiting the path traversal flaw.


How can this vulnerability impact me? :

The vulnerability can impact you by allowing an unauthenticated remote attacker to read sensitive or critical files on the affected system without authorization. This could lead to exposure of confidential information and potential further exploitation.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

This vulnerability could negatively affect compliance with standards and regulations such as GDPR and HIPAA because unauthorized access to sensitive files may lead to data breaches involving personal or protected health information, violating data protection requirements.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart