Search Results (14 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-60063 1 Automationdirect 1 Productivity Suite 2026-07-16 7 High
An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
CVE-2026-61389 1 Automationdirect 1 Productivity Suite 2026-07-16 7 High
An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
CVE-2026-60140 1 Automationdirect 1 Productivity Suite 2026-07-16 6.1 Medium
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable.
CVE-2026-57896 1 Automationdirect 1 Productivity Suite 2026-07-16 6.1 Medium
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product.
CVE-2026-60073 1 Automationdirect 1 Productivity Suite 2026-07-16 5.9 Medium
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory.
CVE-2025-60023 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 4 Medium
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
CVE-2025-62498 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 8.8 High
A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened.
CVE-2025-62688 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 7.1 High
An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.
CVE-2025-61977 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 7 High
A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.
CVE-2025-61934 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 10 Critical
A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine
CVE-2025-58078 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 7.5 High
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine.
CVE-2025-58429 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 7.5 High
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
CVE-2025-58456 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 6.8 Medium
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
CVE-2025-59776 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 4 Medium
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.