CRITICAL🇵🇱 Wersja polska

CVE-2025-41744

CVSS 9.1v3.1pub. 2025-12-02upd. 2026-02-23

Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Sprecher Automation Sprecon E C

    HW
    Sprecher-Automation
    wszystkie wersje
  • Sprecher Automation Sprecon E C Firmware

    OS
    Sprecher-Automation
    wszystkie wersje
  • Sprecher Automation Sprecon E P

    HW
    Sprecher-Automation
    wszystkie wersje
  • Sprecher Automation Sprecon E P Firmware

    OS
    Sprecher-Automation
    wszystkie wersje
  • Sprecher Automation Sprecon E T3

    HW
    Sprecher-Automation
    wszystkie wersje
  • Sprecher Automation Sprecon E T3 Firmware

    OS
    Sprecher-Automation
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-41742CRITICAL9.8PL ✓ten sam produkt

Sprecher-Automation Sprecon-E: domyślne klucze kryptograficzne umożliwiają pełny dostęp zdalny

CVE-2022-4333CRITICAL9.8ten sam produkt

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to t...

CVE-2025-41743MEDIUM4.0ten sam produkt

Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a lo...

CVE-2024-6758MEDIUM6.5ten sam produkt

Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker wi...

CVE-2022-4332MEDIUM6.8ten sam produkt

In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been iden...