CVE-2025-41743

Summary

Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal processes.

Affected Software

VendorProductVersion RangeStatus
Sprecher AutomationSPRECON-E-C1.0 < 9.0affected
Sprecher AutomationSPRECON-E-P1.0 < 9.0affected
Sprecher AutomationSPRECON-E-T31.0 < 9.0affected

Weaknesses

  • CWE-326: CWE-326 Inadequate Encryption Strength

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References