Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50
CVE-2025-11781
Description
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key (e.g., by analysing the firmware image or memory dump) and create valid firmware update packages. This bypasses all intended access controls and grants full administrative privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =9.0.2
- Range: 9.0.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.