CVE-2025-41742 Sprecher Automation: SPRECON-E series has a critical vulnerability due to the use of static cryptographic keys in system components

🗓️ 02 Dec 2025 10:39:08Reported by CERTVDEType

SPRECON-E series flaw with static default cryptographic keys lets remote attackers read, modify, and write data.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-41742	2 Dec 202511:09	–	circl
CNNVD	Sprecher Automation SPRECON-E-C和Sprecher Automation SPRECON-E-P 安全漏洞	2 Dec 202500:00	–	cnnvd
CVE	CVE-2025-41742	2 Dec 202510:39	–	cve
EUVD	EUVD-2025-200220	2 Dec 202510:39	–	euvd
NVD	CVE-2025-41742	2 Dec 202511:15	–	nvd
Positive Technologies	PT-2025-48661	4 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-41742	3 Dec 202510:41	–	redhatcve
Vulnrichment	CVE-2025-41742 Sprecher Automation: SPRECON-E series has a critical vulnerability due to the use of static cryptographic keys in system components	2 Dec 202510:39	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SPRECON-E-C",
    "vendor": "Sprecher Automation",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "SPRECON-E-P",
    "vendor": "Sprecher Automation",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "SPRECON-E-T3",
    "vendor": "Sprecher Automation",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ]
  }
]

Source	Link
sprecher-automation	www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2511042_de.pdf

02 Dec 2025 10:39Current

CVSS 3.19.8

EPSS0.00327

CWE-1394