Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
AutomationDirect

AutomationDirect Vendor Cyber Rating & Cyber Score

AutomationDirect.com

In business since 1994, AutomationDirect is a distributor offering thousands of industrial automation products for electrical control systems, including PLCs, operator interfaces, AC drives, motors, stepper systems, sensors, motor controls, enclosures and more. Our prices are typically well below the list price of more traditional automation companies because of their business model and focus on efficiency and the majority of our products are stocked. Once the purchase is made, our automated facility has an order accuracy of 99.98% and we do offer a 30-day money back guarantee on most products for any last-minute changes customers may need. Also, orders over $49 ship free of charge. For more information, contact them at 800-633-0405 or


AutomationDirect A.I CyberSecurity Scoring

AutomationDirect
Company Information
Website:https://www.AutomationDirect.com
Employees number:313
Number of followers:20,036
NAICS:33325
Industry Type:Automation Machinery Manufacturing
Homepage:AutomationDirect.com
AutomationDirect Risk Score (AI oriented)
Between 750 and 799
logo
AutomationDirectAutomation Machinery Manufacturing
Updated:
29/03/2026
753/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
AutomationDirect Global Score (TPRM)
xxxx
logo
AutomationDirectAutomation Machinery Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

AutomationDirect
AutomationDirectFair
Current Score
753Baa (FAIR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
754Before Incident
JUNE 2026
754Before Incident
MAY 2026
753Before Incident
APRIL 2026
753Before Incident
MARCH 2026
753Before Incident
FEBRUARY 2026
753Before Incident
JANUARY 2026
753Before Incident
DECEMBER 2025
753Before Incident
NOVEMBER 2025
753Before Incident
OCTOBER 2025
753Before Incident
SEPTEMBER 2025
752Before Incident
AUGUST 2025
752Before Incident
MAY 2025
747Before Incident
Vulnerability
22 May 2025AutomationDirect
AutomationDirect

Critical Authentication Vulnerability in AutomationDirect MB-Gateway Devices (CVE-2025-36535)

752After Incident
CRITICAL-5
AUT3621036112625
AutomationDirect’s MB-Gateway devices, widely deployed in critical infrastructure, are affected by a maximum-severity missing authentication vulnerability (CVE-2025-36535), enabling remote intrusions without credentials. Over 100 internet-exposed instances risk compromise, exposing sensitive device parameters—including internal IPs, firmware versions, Modbus configurations, and serial communication settings—via an unsecured embedded web interface. The flaw, discovered by Microsec researcher Souvik Kandar, stems from inadequate authentication, allowing attackers to remotely access the configuration panel through a standard internet connection. Mitigation is limited, as hardware restrictions prevent access control updates; affected organizations are advised to replace vulnerable devices with the EKI-1221-CE gateway. The Cybersecurity and Infrastructure Security Agency (CISA) has warned of potential operational disruptions in industrial environments, where compromised gateways could facilitate lateral movement, data exfiltration, or sabotage of automated processes in sectors like energy, manufacturing, or water treatment.
INCIDENT DETAILS -
TYPE
Vulnerability ExploitationUnauthenticated AccessInformation Disclosure
IMPACT
Internal IPsFirmware VersionsModbus ConfigurationSerial Communication SettingsAutomationDirect MB-Gateway Devices (100+ internet-exposed instances)Operational Impact: Potential disruption to critical infrastructure operations due to exposed configurationsBrand Reputation Impact: High (due to critical infrastructure exposure and unpatchable hardware)
DATA BREACH
Device Configuration DataNetwork ParametersSensitivity Of Data: High (critical infrastructure operational details)Data Exfiltration: Possible (via exposed web interface)Configuration FilesLog Files (potential)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for AutomationDirect ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in June 2026 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in May 2026 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in April 2026 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in March 2026 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in February 2026 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in January 2026 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in December 2025 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in November 2025 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in October 2025 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in September 2025 ?
?
What was AutomationDirect's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on AutomationDirect's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with AutomationDirect ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view AutomationDirect's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?