Medium severity5.9NVD Advisory· Published Sep 23, 2025· Updated Apr 15, 2026

CVE-2025-58473

Description

An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click Programming Software.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.automationdirect.com/support/software-downloadsnvd
www.cisa.gov/news-events/ics-advisories/icsa-25-266-01nvd

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000