CVE-2025-41744 | THREATINT

Description

Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.

PUBLISHED Reserved 2025-04-16 | Published 2025-12-02 | Updated 2025-12-02 | Assigner CERTVDE

CRITICAL: 9.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-1394 Use of Default Cryptographic Key

Product status

Default status

unaffected

affected

Default status

unaffected

affected

Default status

unaffected

affected

Credits

Sec-Consult Security Labs reporter

References

www.sprecher-automation.com/...curity/PDF/SPR-2511043_de.pdf vendor-advisory

cve.org (CVE-2025-41744)

nvd.nist.gov (CVE-2025-41744)

Download JSON