CVE-2025-11781
BaseFortify
Publication date: 2025-12-02
Last updated on: 2025-12-03
Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| circutor | sge-plc1000_firmware | 9.0.2 |
| circutor | sge-plc1000 | * |
| circutor | sge-plc50_firmware | 9.0.2 |
| circutor | sge-plc50 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-321 | The product uses a hard-coded, unchangeable cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 devices running firmware version 9.0.2. The firmware contains a static authentication key embedded in the code. An attacker with local access to the device can extract this key by analyzing the firmware image or memory dump. With this key, the attacker can create valid firmware update packages, bypassing all access controls and gaining full administrative privileges on the device.
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with local access to gain full administrative control over the affected device. This means the attacker can install malicious firmware updates, potentially disrupting device operation, stealing sensitive data, or using the device as a foothold for further attacks within the network.
What immediate steps should I take to mitigate this vulnerability?
The affected Circutor SGE-PLC1000/SGE-PLC50 devices are discontinued since 2015 and have been replaced by newer models (Compact DC and currently GEDE EDC). The recommended mitigation is to update the firmware to version 2.0.0 or later, which addresses this and other vulnerabilities. [1]