{"cve":{"cve_id":"CVE-2025-59484","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00115,"epss_percentile":0.01843,"epss_as_of":"2026-06-23","description":"The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm.","published_at":"2025-09-23T22:08:40.744000Z","last_modified_at":null,"cvss_v3_score":8.3,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","cvss_v3_severity":"HIGH","cvss_v4_score":8.7,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N","cvss_v4_severity":"HIGH","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-327"],"nvd_references":["https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01","https://www.automationdirect.com/support/software-downloads"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:27:50.858931Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"P","value_label":"Passive"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"N","value_label":"None"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"N","value_label":"None"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"}]},"affected":[{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-plus-c0-0x-cpu-firmware","product_name":"CLICK PLUS C0-0x CPU firmware","version_start":"0","version_start_inclusive":true,"version_end":"v3.71","version_end_inclusive":false,"cpe23_uri":"cve5:automationdirect:click-plus-c0-0x-cpu-firmware:0:v3.71"},{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-plus-c0-1x-cpu-firmware","product_name":"CLICK PLUS C0-1x CPU firmware","version_start":"0","version_start_inclusive":true,"version_end":"v3.71","version_end_inclusive":false,"cpe23_uri":"cve5:automationdirect:click-plus-c0-1x-cpu-firmware:0:v3.71"},{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-plus-c2-x-cpu-firmware","product_name":"CLICK PLUS C2-x CPU firmware","version_start":"0","version_start_inclusive":true,"version_end":"v3.71","version_end_inclusive":false,"cpe23_uri":"cve5:automationdirect:click-plus-c2-x-cpu-firmware:0:v3.71"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.automationdirect.com/support/software-downloads","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-09-23T22:08:40.744000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:48:21.679741Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:48:21.679741Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:48:21.679741Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:48:21.679741Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:48:21.679741Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:48:21.679741Z","label":"CVSS score revised","source":"cvelistv5"}]}