
CVE-2025-60023: CWE-23 in AutomationDirect Productivity Suite

Severity: Medium
Published: Thu Oct 23 2025 (10/23/2025, 22:21:05 UTC)
Source: CVE Database V5
Vendor/Project: AutomationDirect
Product: Productivity Suite

Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.

AI-Powered Analysis

Last updated: 10/31/2025, 06:51:34 UTC

Technical Analysis

CVE-2025-60023 is a relative path traversal vulnerability (CWE-23) identified in AutomationDirect's Productivity Suite software, specifically version 4.4.1.19. The flaw exists in the ProductivityService PLC simulator component, which improperly validates file path inputs. This allows an unauthenticated remote attacker to craft malicious requests that traverse directories and delete arbitrary directories on the target machine. The vulnerability does not require authentication or user interaction, and the attack vector is network-based, increasing the risk of remote exploitation. The CVSS 4.0 base score is 6.3 (medium severity), reflecting the moderate impact on system availability and limited impact on confidentiality and integrity. The vulnerability could lead to denial of service conditions by removing critical files or directories necessary for the Productivity Suite or underlying operating system, potentially disrupting industrial control processes. No patches or known exploits are currently reported, but the vulnerability's nature suggests that exploitation could be straightforward once a proof-of-concept is developed. The issue highlights the importance of secure input validation and access controls in industrial control system software.
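
The input-validation failure described above, shown from the defensive side as an added example (not AutomationDirect's code; the function names, the `projects` base directory and the sample requests are assumptions): a directory-delete helper that resolves the requested path first and refuses anything that lands outside its base directory.

```python
import shutil
import tempfile
from pathlib import Path


class TraversalError(ValueError):
    """Raised when a requested path resolves outside the allowed base."""


def resolve_inside(base: Path, requested: str) -> Path:
    """Return the resolved target only if it stays strictly below base."""
    base = base.resolve()
    # Joining with an absolute 'requested' discards base entirely, and '..'
    # segments or symlinks can escape it, so the containment check runs on
    # the fully resolved result, never on the raw input string.
    target = (base / requested).resolve()
    if target == base or not target.is_relative_to(base):
        raise TraversalError(f"rejected path: {requested!r}")
    return target


def delete_directory(base: Path, requested: str) -> bool:
    """Delete a directory below base; return False if it does not exist."""
    target = resolve_inside(base, requested)
    if not target.is_dir():
        return False
    shutil.rmtree(target)
    return True


def demo() -> dict:
    """Run constructed requests against a throwaway directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        base = root / "projects"        # hypothetical service data directory
        (base / "sim1").mkdir(parents=True)
        (root / "critical").mkdir()     # stands in for a directory outside base
        for req in ["sim1", "../critical", "sim1/../../critical",
                    str(root / "critical"), ".", ""]:
            try:
                results[req] = delete_directory(base, req)
            except TraversalError:
                results[req] = "rejected"
        results["critical_survived"] = (root / "critical").is_dir()
    return results
```

Only the first constructed request, which names a directory below the base, is carried out; the relative, absolute and empty variants are rejected before any file-system call is made.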

Potential Impact

For European organizations, especially those in manufacturing, energy, and critical infrastructure sectors relying on AutomationDirect's Productivity Suite, this vulnerability poses a significant risk to operational continuity. Successful exploitation could lead to deletion of essential directories, causing system outages or degraded performance of PLC simulators and related automation processes. This disruption could halt production lines, affect supply chains, or impair safety systems, leading to financial losses and safety hazards. Given the unauthenticated remote access vector, attackers could exploit this vulnerability from outside the network perimeter if the ProductivityService is exposed or insufficiently segmented. The impact on confidentiality and integrity is limited, but availability is notably affected, which is critical in industrial environments. European organizations with limited patch management capabilities or exposed industrial networks are particularly vulnerable.

Mitigation Recommendations

1. Immediately restrict network access to the ProductivityService PLC simulator by implementing network segmentation and firewall rules to limit exposure only to trusted hosts.
2. Monitor network traffic for unusual requests targeting the ProductivityService, especially those attempting directory traversal patterns.
3. Enforce strict file system permissions on the host machines to prevent unauthorized deletion of critical directories, minimizing the impact of potential exploitation.
4. Engage with AutomationDirect for official patches or updates addressing this vulnerability and apply them promptly once available.
5. Conduct thorough audits of industrial control systems to identify any instances of the affected Productivity Suite version and prioritize remediation.
6. Implement intrusion detection systems tailored for industrial protocols to detect anomalous activities related to the PLC simulator.
7. Educate operational technology (OT) staff about this vulnerability and the importance of isolating industrial networks from general IT networks and the internet.


Technical Details

Data Version: 5.1
Assigner Short Name: icscert
Date Reserved: 2025-10-21T21:55:11.899Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 68faafd950358b89bd7bfd5d

Added to database: 10/23/2025, 10:44:41 PM

Last enriched: 10/31/2025, 6:51:34 AM

Last updated: 12/5/2025, 1:57:35 AM
