CVE-2025-58473

High CVSS: 8.2

An improper resource shutdown or release vulnerability has been identified in the Click Plus C2-03CPU-2 device running firmware version 3.60. The vulnerability allows an unauthenticated attacker to perform a denial-of-service attack by exhausting all available device sessions of the Click Programming Software.

Vendor

Product

CWE

CWE-404

Yayın Tarihi

2025-09-23 23:15:31

Güncelleme

2025-09-24 18:11:24

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-404 HIGH 2025

Referanslar

https://www.automationdirect.com/support/software-downloads https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01