(TLP:CLEAR) OT Vulnerability Awareness – Analysis of Critical Vulnerabilities for AutomationDirect’s Productivity Suite for Engineering Workstations
Created: Thursday, November 20, 2025 - 17:18
Categories: Cybersecurity, OT-ICS Security
Summary: Nozomi Networks Labs details nine critical vulnerabilities it discovered in AutomationDirect’s Productivity Suite, widely used software for programming industrial PLCs across sectors including water and wastewater utilities. These vulnerabilities, found in Productivity Suite versions up to 4.2.3.2, can allow unauthenticated remote attackers to read, modify, or delete files on engineering workstations and even execute arbitrary code by tricking engineers into opening malicious project files. Some flaws bypass project file encryption and user controls, enabling compromise of both IT and OT environments and potentially letting attackers disrupt processes, steal sensitive OT data, or reprogram PLCs with dangerous logic. Nozomi’s post details the identified vulnerabilities, their potential impact, possible attack scenarios, and recommended mitigation strategies. Based on Nozomi’s findings and responsible disclosure, CISA published ICS Advisory ICSA-25-296-01 on these vulnerabilities on October 23, 2025.
AutomationDirect recommends asset owners update the Productivity Suite programming software on engineering workstations to version 4.5.0.x or higher and update the firmware of Productivity PLCs to the latest version.
Analyst Note: Utilities using Productivity Suite are encouraged to review this analysis. According to the research, exploitation of these vulnerabilities could lead to service disruption, unsafe water processing, or even environmental incidents. WaterISAC recommends applying a risk-based approach when assessing the need for and timing of updates to software and PLC firmware. Regardless of update timing, strict network segmentation and diligent monitoring for unauthorized project file access or abnormal network behavior are essential.
Original Source: https://www.nozominetworks.com/blog/compromising-automationdirect-productivity-suite-to-breach-the-ot-perimeter
Related WaterISAC PIRs: 8
