CVE-2025-41742
- EPSS 0.16%
- Veröffentlicht 02.12.2025 10:39:08
- Zuletzt bearbeitet 23.02.2026 17:15:44
Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to acce...
- EPSS 0.01%
- Veröffentlicht 02.12.2025 10:38:51
- Zuletzt bearbeitet 23.02.2026 17:16:10
Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal process...
CVE-2025-41744
- EPSS 0.06%
- Veröffentlicht 02.12.2025 10:38:47
- Zuletzt bearbeitet 23.02.2026 17:15:02
Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.
CVE-2024-6758
- EPSS 0.21%
- Veröffentlicht 12.08.2024 13:38:40
- Zuletzt bearbeitet 22.08.2025 09:15:33
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
CVE-2022-4333
- EPSS 0.81%
- Veröffentlicht 01.06.2023 06:15:13
- Zuletzt bearbeitet 21.11.2024 07:35:04
Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines.
CVE-2022-4332
- EPSS 0.05%
- Veröffentlicht 01.06.2023 06:15:09
- Zuletzt bearbeitet 21.11.2024 07:35:04
In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inj...