{"cve":{"cve_id":"CVE-2025-67652","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00101,"epss_percentile":0.01088,"epss_as_of":"2026-06-23","description":"An attacker with access to the project file could use the exposed \ncredentials to impersonate users, escalate privileges, or gain \nunauthorized access to systems and services. The absence of robust \nencryption or secure handling mechanisms increases the likelihood of \nthis type of exploitation, leaving sensitive information more \nvulnerable.","published_at":"2026-01-22T22:17:53.763000Z","last_modified_at":null,"cvss_v3_score":6.1,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-261"],"nvd_references":["https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-02","https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-02.json"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:28:17.181086Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-programmable-logic-controller","product_name":"CLICK Programmable Logic Controller","version_start":"C0-0x","version_start_inclusive":true,"version_end":"C0-0x","version_end_inclusive":true,"cpe23_uri":"cve5:automationdirect:click-programmable-logic-controller:C0-0x:C0-0x"},{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-programmable-logic-controller","product_name":"CLICK Programmable Logic Controller","version_start":"C0-1x","version_start_inclusive":true,"version_end":"C0-1x","version_end_inclusive":true,"cpe23_uri":"cve5:automationdirect:click-programmable-logic-controller:C0-1x:C0-1x"},{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-programmable-logic-controller","product_name":"CLICK Programmable Logic Controller","version_start":"C2-x","version_start_inclusive":true,"version_end":"C2-x","version_end_inclusive":true,"cpe23_uri":"cve5:automationdirect:click-programmable-logic-controller:C2-x:C2-x"},{"vendor_slug":"automationdirect","vendor_name":"AutomationDirect","product_slug":"click-programmable-logic-controller","product_name":"CLICK Programmable Logic Controller","version_start":"V3.90","version_start_inclusive":true,"version_end":"V3.90","version_end_inclusive":true,"cpe23_uri":"cve5:automationdirect:click-programmable-logic-controller:V3.90:V3.90"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-02","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-02.json","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-01-22T22:17:53.763000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:49:11.087090Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:49:11.087090Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:49:11.087090Z","label":"CVSS score revised","source":"cvelistv5"}]}