Productivity Suite
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-61934 | Cri | 0.65 | 10.0 | 0.01 | Oct 23, 2025 | A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files… | ||
| CVE-2025-58429 | Hig | 0.49 | 7.5 | 0.01 | Oct 23, 2025 | A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine. | ||
| CVE-2025-58078 | Hig | 0.49 | 7.5 | 0.01 | Oct 23, 2025 | A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target… | ||
| CVE-2025-62688 | Hig | 0.46 | 7.1 | 0.00 | Oct 23, 2025 | An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project. | ||
| CVE-2025-61977 | Hig | 0.46 | 7.0 | 0.00 | Oct 23, 2025 | A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question. | ||
| CVE-2026-61389 | hig | 0.45 | 7.0 | — | Jul 16, 2026 | An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability. | ||
| CVE-2026-60063 | hig | 0.45 | 7.0 | — | Jul 16, 2026 | An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability. | ||
| CVE-2025-58456 | Med | 0.44 | 6.8 | 0.01 | Oct 23, 2025 | A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine. | ||
| CVE-2026-60140 | med | 0.40 | 6.1 | — | Jul 16, 2026 | An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable. | ||
| CVE-2026-57896 | med | 0.40 | 6.1 | — | Jul 16, 2026 | An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product. | ||
| CVE-2026-60073 | med | 0.38 | 5.9 | — | Jul 16, 2026 | An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory. | ||
| CVE-2026-61378 | med | 0.36 | 5.5 | — | Jul 16, 2026 | A divide-by-zero vulnerability in the Productivity Suite allows a local attacker to cause a division by zero leading to a system crash. | ||
| CVE-2025-60023 | Med | 0.26 | 4.0 | 0.00 | Oct 23, 2025 | A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine. | ||
| CVE-2025-59776 | Med | 0.26 | 4.0 | 0.00 | Oct 23, 2025 | A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine. |
- risk 0.65cvss 10.0epss 0.01
A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files…
- risk 0.49cvss 7.5epss 0.01
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
- risk 0.49cvss 7.5epss 0.01
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target…
- risk 0.46cvss 7.1epss 0.00
An incorrect permission assignment for a critical resource vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker with low-privileged credentials to change their role, gaining full control access to the project.
- risk 0.46cvss 7.0epss 0.00
A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question.
- risk 0.45cvss 7.0epss —
An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
- risk 0.45cvss 7.0epss —
An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.
- risk 0.44cvss 6.8epss 0.01
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
- risk 0.40cvss 6.1epss —
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable.
- risk 0.40cvss 6.1epss —
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product.
- risk 0.38cvss 5.9epss —
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory.
- risk 0.36cvss 5.5epss —
A divide-by-zero vulnerability in the Productivity Suite allows a local attacker to cause a division by zero leading to a system crash.
- risk 0.26cvss 4.0epss 0.00
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
- risk 0.26cvss 4.0epss 0.00
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.