VYPR
advisoryPublished Jul 16, 2026· 1 source

CISA Warns of Multiple Memory Corruption Vulnerabilities in AutomationDirect Productivity Suite

CISA has issued an advisory detailing several critical vulnerabilities in AutomationDirect Productivity Suite, potentially allowing local attackers to cause memory corruption, information disclosure, or denial-of-service conditions.

CISA has released a critical advisory for multiple vulnerabilities affecting AutomationDirect Productivity Suite, versions prior to v4.6.2.2. These flaws, if exploited by a local attacker, could lead to severe consequences including memory corruption, unintended information disclosure, application instability, and denial-of-service conditions.

The vulnerabilities primarily stem from out-of-bounds write and read errors, as well as divide-by-zero issues within the software. Specifically, CVE-2026-60063 and CVE-2026-61389 allow a local attacker to trigger kernel memory corruption through crafted IOCTL requests. This could potentially escalate privileges or destabilize the system. Similarly, CVE-2026-60140, an out-of-bounds read vulnerability, can also lead to kernel memory corruption via crafted IOCTL requests, exposing sensitive information or causing the product to become unavailable.

Other identified vulnerabilities include CVE-2026-57896 and CVE-2026-60073, which are also described as out-of-bounds write issues, and CVE-2026-61378, another out-of-bounds read vulnerability. All these flaws are present in AutomationDirect Productivity Suite versions up to and including v4.6.2.2.

The affected product is widely deployed across critical manufacturing sectors globally. The potential impact of these vulnerabilities is significant, as successful exploitation could disrupt operations within industrial control systems. The CVSS v3.1 base score for these vulnerabilities is rated as HIGH at 7.0, with a CVSS v4.0 score of 7.3, also rated HIGH. The attack vector is local, requiring some privileges, but with a high complexity.

AutomationDirect strongly recommends that users update their Productivity Suite to version v4.7.0.47 or later to remediate these security risks. Download links for the updated software are available on the AutomationDirect support website.

In cases where an immediate update is not feasible, AutomationDirect provides several compensating controls. These include disconnecting engineering workstations from external networks, using only trusted internal networks or air-gapped systems, restricting physical and logical access, configuring application whitelisting, employing antivirus and EDR tools, and enabling host-based firewalls. Regular review of system logs and maintaining secure, tested backups are also advised.

Organizations are urged to continuously evaluate the risks associated with running outdated software and implement appropriate mitigating measures. The advisory highlights the importance of timely patching and robust security practices within operational technology environments to prevent potential disruptions and data breaches.

This advisory underscores the ongoing threat landscape for industrial control systems, where vulnerabilities in widely used software can have far-reaching consequences for critical infrastructure. Users of AutomationDirect Productivity Suite should prioritize applying the available updates or implementing the recommended mitigations to safeguard their systems.

Synthesized by Vypr AI