What is CVE-2025-59484?

CVE-2025-59484 is a high-severity vulnerability in Automationdirect Click Plus C0-0x Cpu Firmware, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 8.3/10. Published 2025-09-23.

How severe is CVE-2025-59484?

High severity. CVSS v3 base score is 8.3 out of 10.

Vulnerability in Automationdirect Click Plus C0-0x Cpu Firmware

CVE-2025-59484

The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm.

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.000 (4.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L.

Affected products

Automationdirect Click Plus C0-0x Cpu Firmware — versions 0
Automationdirect Click Plus C0-1x Cpu Firmware — versions 0
Automationdirect Click Plus C2-x Cpu Firmware — versions 0

Weakness classification (CWE)

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm

References

Frequently asked questions

What is CVE-2025-59484?: CVE-2025-59484 is a high-severity vulnerability in Automationdirect Click Plus C0-0x Cpu Firmware, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 8.3/10. Published 2025-09-23.
How severe is CVE-2025-59484?: High severity. CVSS v3 base score is 8.3 out of 10.