CVE-2025-67652: CWE-261 in AutomationDirect CLICK Programmable Logic Controller
CVE-2025-67652 is a medium severity vulnerability affecting AutomationDirect CLICK Programmable Logic Controllers (PLCs), specifically versions C0-0x, C0-1x, and C2-x. The vulnerability arises from improper handling of credentials within project files, allowing an attacker with access to these files to impersonate users, escalate privileges, or gain unauthorized access to connected systems. Exploitation requires local access to the project file, has low attack complexity, and needs no user interaction. The vulnerability has a high impact on confidentiality, a limited effect on integrity, and no impact on availability. No public exploits are currently known. European organizations using these PLCs in industrial control environments could face risks of unauthorized access and potential lateral movement within their networks. Mitigation requires strict access controls on project files, encryption of sensitive data, and monitoring for unauthorized access. Countries with significant industrial automation sectors and AutomationDirect market presence, such as Germany, France, Italy, and the UK, are most likely to be affected.
AI Analysis
Technical Summary
CVE-2025-67652 is a vulnerability classified under CWE-261 (Weak Encoding for Password) affecting AutomationDirect CLICK Programmable Logic Controllers (PLCs) in versions C0-0x, C0-1x, and C2-x. The core issue stems from insecure handling of credentials embedded within project files used to configure these PLCs. Specifically, the project files expose credentials without robust encryption or secure storage mechanisms, making them susceptible to unauthorized access if an attacker obtains the project file. An attacker with access to these files can impersonate legitimate users, escalate privileges, and gain unauthorized access to systems and services controlled by the PLCs. The vulnerability requires local access to the project file, which may be obtained through insider threats, compromised workstations, or inadequate file access controls. The CVSS v3.1 base score is 6.1 (medium severity), reflecting a local attack vector (AV:L), low attack complexity (AC:L), low privileges required (PR:L), and no user interaction (UI:N). The impact on confidentiality is high (C:H), while the integrity impact is low (I:L) and availability is unaffected (A:N). No patches or public exploits are currently available, so mitigation relies on operational security measures. This vulnerability poses a significant risk in industrial environments where PLCs are critical for automation and control, as unauthorized access could lead to data leakage and potential manipulation of control logic if combined with other vulnerabilities or attack vectors.
Potential Impact
For European organizations, especially those in manufacturing, energy, and critical infrastructure sectors relying on AutomationDirect CLICK PLCs, this vulnerability presents a risk of unauthorized access to sensitive control systems. The exposure of credentials can lead to impersonation of authorized users and privilege escalation, potentially allowing attackers to move laterally within industrial networks. Although the vulnerability does not directly impact system availability or cause immediate operational disruption, the confidentiality breach could facilitate further attacks, including sabotage or espionage. Given the increasing integration of industrial control systems with corporate IT networks in Europe, exploitation could compromise both operational technology (OT) and information technology (IT) environments. The impact is particularly relevant for organizations with insufficient access controls on project files or inadequate network segmentation between IT and OT. The absence of robust encryption in project files increases the risk of credential theft if files are improperly stored or transmitted. This vulnerability could also affect supply chain security if project files are shared externally without adequate protection.
Mitigation Recommendations
European organizations should implement strict access controls and permissions on project files associated with AutomationDirect CLICK PLCs, ensuring only authorized personnel can access or modify them. Encrypting project files at rest and in transit is critical to prevent unauthorized disclosure of embedded credentials. Organizations should enforce network segmentation between IT and OT environments to limit the exposure of PLC configuration files. Regular audits and monitoring of file access logs can help detect unauthorized attempts to access or copy project files. Employing endpoint security solutions on workstations used to handle PLC project files can reduce the risk of insider threats or malware-based theft. Where possible, organizations should request secure handling guidance from AutomationDirect, or develop their own procedures for secure storage and transmission of project files. Until patches or updates are available, consider implementing multi-factor authentication and additional verification mechanisms for access to PLC management interfaces. Training staff on the sensitivity of project files and the risks of credential exposure is also recommended. Finally, maintain an incident response plan tailored to OT environments to quickly address any detected compromise.
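Two of the recommendations above, restricting who can read project files and watching file access logs for unauthorized reads or copies, can be checked mechanically. The script below is an added example written for this page; it is not AutomationDirect's code and it does not parse the CLICK project format. It assumes a ".ckp" file extension for CLICK project files (adjust to whatever your programming software writes), a constructed allow-list of engineering accounts, and a constructed "timestamp|user|action|path" audit record layout standing in for whatever your file server or EDR actually emits.

```python
"""PLC project-file exposure audit (added example, not vendor code).

Check 1: find project files whose POSIX mode bits let group or others read
them, i.e. anyone on the engineering workstation could copy the embedded
credentials. Check 2: scan file-access audit records for reads or copies of
project files by accounts outside the authorised engineering group.

Assumptions (not from the advisory): the ".ckp" extension, the allow-list,
and the "ts|user|action|path" log format are all constructed for this example.
"""
import os
import stat
import tempfile
from dataclasses import dataclass
from pathlib import Path

PROJECT_EXTENSIONS = {".ckp"}                 # assumed CLICK project extension
AUTHORISED_USERS = {"plc-eng1", "plc-eng2"}   # constructed allow-list


def find_overexposed_project_files(root):
    """Return (path, octal mode) for project files readable by group/others.

    Uses POSIX permission bits; on Windows, NTFS ACLs would need checking
    instead, which this example does not do."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() not in PROJECT_EXTENSIONS:
            continue
        mode = path.stat().st_mode
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append((str(path), oct(stat.S_IMODE(mode))))
    return findings


@dataclass
class AccessEvent:
    ts: str
    user: str
    action: str
    path: str


def parse_access_log(lines):
    """Parse constructed 'ts|user|action|path' records; malformed lines skipped."""
    events = []
    for line in lines:
        parts = line.strip().split("|")
        if len(parts) != 4:
            continue
        events.append(AccessEvent(*parts))
    return events


def suspicious_project_access(events):
    """Flag reads/copies of project files by accounts not on the allow-list."""
    alerts = []
    for e in events:
        if Path(e.path).suffix.lower() not in PROJECT_EXTENSIONS:
            continue
        if e.action in {"read", "copy"} and e.user not in AUTHORISED_USERS:
            alerts.append(e)
    return alerts


# Constructed sample audit records for the demonstration.
SAMPLE_LOG = [
    "2026-01-22T10:01:00Z|plc-eng1|read|/srv/plc/line2_packer.ckp",
    "2026-01-22T10:05:12Z|contractor7|copy|/srv/plc/line2_packer.ckp",
    "2026-01-22T10:06:30Z|contractor7|read|/srv/plc/readme.txt",
    "malformed line",
]


def demo_permission_audit():
    """Create two constructed placeholder project files and audit them.

    Returns the names of the files flagged as over-exposed."""
    with tempfile.TemporaryDirectory() as tmp:
        private = Path(tmp) / "line1_filler.ckp"
        exposed = Path(tmp) / "line2_packer.ckp"
        for f in (private, exposed):
            f.write_bytes(b"constructed placeholder, not a real project file")
        os.chmod(private, 0o600)   # owner-only: acceptable
        os.chmod(exposed, 0o644)   # group/world readable: flagged
        return [Path(p).name for p, _ in find_overexposed_project_files(tmp)]


if __name__ == "__main__":
    print("over-exposed project files:", demo_permission_audit())
    for alert in suspicious_project_access(parse_access_log(SAMPLE_LOG)):
        print(f"ALERT {alert.ts} {alert.user} {alert.action} {alert.path}")
```

Run against a real share, point `find_overexposed_project_files` at the directory where project files are kept and feed `parse_access_log` the records your file server or EDR produces after adapting the split logic to that format; the allow-list should be derived from the group that actually owns PLC programming, not hard-coded as here.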
Affected Countries
Germany, France, Italy, United Kingdom, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-12-09T20:15:49.604Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6972a64c4623b1157c93e397
Added to database: 1/22/2026, 10:35:56 PM
Last enriched: 1/30/2026, 10:00:37 AM
Last updated: 2/7/2026, 3:58:46 AM