VYPR
Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50

CVE-2025-11781

Description

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key (e.g., by analysing the firmware image or memory dump) and create valid firmware update packages. This bypasses all intended access controls and grants full administrative privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2025-11781 · VYPR