VYPR

Productivity Suite

by Automationdirect

CVEs (14)

  • CVE-2025-61934CriOct 23, 2025
    risk 0.65cvss 10.0epss 0.01

    A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files…

  • CVE-2025-58429HigOct 23, 2025
    risk 0.49cvss 7.5epss 0.01

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.

  • CVE-2025-58078HigOct 23, 2025
    risk 0.49cvss 7.5epss 0.01

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target…

  • CVE-2025-62688HigOct 23, 2025
    risk 0.46cvss 7.1epss 0.00

    An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.

  • CVE-2025-61977HigOct 23, 2025
    risk 0.46cvss 7.0epss 0.00

    A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.

  • CVE-2026-61389higJul 16, 2026
    risk 0.45cvss 7.0epss

    An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.

  • CVE-2026-60063higJul 16, 2026
    risk 0.45cvss 7.0epss

    An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.

  • CVE-2025-58456MedOct 23, 2025
    risk 0.44cvss 6.8epss 0.01

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.

  • CVE-2026-60140medJul 16, 2026
    risk 0.40cvss 6.1epss

    An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable.

  • CVE-2026-57896medJul 16, 2026
    risk 0.40cvss 6.1epss

    An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product.

  • CVE-2026-60073medJul 16, 2026
    risk 0.38cvss 5.9epss

    An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory.

  • CVE-2026-61378medJul 16, 2026
    risk 0.36cvss 5.5epss

    A divide-by-zero vulnerability in the Productivity Suite allows a local attacker to cause a division by zero leading to a system crash.

  • CVE-2025-60023MedOct 23, 2025
    risk 0.26cvss 4.0epss 0.00

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.

  • CVE-2025-59776MedOct 23, 2025
    risk 0.26cvss 4.0epss 0.00

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.