Sprecher Automation: SPRECON-E series has a critical vulnerability due to...

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance.

AI Analysis

Vulnerability due to the use of static cryptographic keys in system components, allowing unauthorized remote access to read, modify, and write projects and data.

Basic Information

ID CVE-2025-41742

Source CERTVDE

Published Dec 2, 2025 at 10:39

Affected Product

Vendor Sprecher Automation

Product SPRECON-E-C

Version *

Affected Versions Sprecher Automation SPRECON-E-C *
Sprecher Automation SPRECON-E-P *
Sprecher Automation SPRECON-E-T3 *

CWE Classification

CWE-1394

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Sprecher Automation

Product SPRECON-E series

Version *

References

www.sprecher-automation.com /fileadmin/itSecurity/PDF/SPR-2511042_de.pdf

{
    "lastseen": "",
    "description": "Sprecher Automations SPRECON-E-C,  SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance.",
    "published": "2025-12-02T10:39:08.982Z",
    "modified": "2025-12-02T10:39:08.982Z",
    "type": "cve",
    "title": "Sprecher Automation: SPRECON-E series has a critical vulnerability due to the use of static cryptographic keys in system components",
    "source": "CERTVDE",
    "references": "https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2511042_de.pdf",
    "id": "CVE-2025-41742",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1394"
    ],
    "cvelist": null,
    "sourceData": "Sprecher Automation SPRECON-E-C *\nSprecher Automation SPRECON-E-P *\nSprecher Automation SPRECON-E-T3 *",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SPRECON-E-C",
    "version": "*",
    "vendor": "Sprecher Automation",
    "ai_description": "Vulnerability due to the use of static cryptographic keys in system components, allowing unauthorized remote access to read, modify, and write projects and data.",
    "ai_severity": "Critical",
    "ai_vendor": "Sprecher Automation",
    "ai_product": "SPRECON-E series",
    "ai_version": "*",
    "ai_score": 9.8
}

Sprecher Automation: SPRECON-E series has a critical vulnerability due to the use of static cryptographic keys in system components_CVE-2025-41742