What is CVE-2025-61977?

CVE-2025-61977 is a high-severity vulnerability in Automationdirect Productivity 1000 P1-540 Cpu, classified under Weak Password Recovery Mechanism for Forgotten Password. CVSS score: 7.0/10. Published 2025-10-23.

How severe is CVE-2025-61977?

High severity. CVSS v3 base score is 7.0 out of 10.

Vulnerability in Automationdirect Productivity 1000 P1-540 Cpu

CVE-2025-61977

A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery qu…

EPSS: 0.000 (4.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.0 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Automationdirect Productivity 1000 P1-540 Cpu — versions 0
Automationdirect Productivity 1000 P1-550 Cpu — versions 0
Automationdirect Productivity 2000 P2-550 Cpu — versions 0
Automationdirect Productivity 2000 P2-622 Cpu — versions 0
Automationdirect Productivity 3000 P3-530 Cpu — versions 0
Automationdirect Productivity 3000 P3-550e Cpu — versions 0
Automationdirect Productivity 3000 P3-622 Cpu — versions 0
Automationdirect Productivity Suite — versions 0

Weakness classification (CWE)

CWE-640 — Weak Password Recovery Mechanism for Forgotten Password

References

Frequently asked questions

What is CVE-2025-61977?: CVE-2025-61977 is a high-severity vulnerability in Automationdirect Productivity 1000 P1-540 Cpu, classified under Weak Password Recovery Mechanism for Forgotten Password. CVSS score: 7.0/10. Published 2025-10-23.
How severe is CVE-2025-61977?: High severity. CVSS v3 base score is 7.0 out of 10.