Sprecher Automation SPRECON-E Series Default Cryptographic Keys Vulnerability Allowing Unauthorized Access to Encrypted Communications
Vulnerability
A vulnerability exists in the Sprecher Automation SPRECON-E series due to the use of default cryptographic keys. This flaw allows an unprivileged remote attacker to access all encrypted communications, compromising the confidentiality and integrity of the data. The affected products include the SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 models, all running firmware versions prior to 9.0.
Impact
Exploitation of this vulnerability allows for unauthorized access to encrypted communications, undermining the confidentiality and integrity of the data.
Remediation
Users can update to firmware version 9.0 or higher, which addresses this vulnerability by replacing the default cryptographic keys with a stronger encryption mechanism. For those unable to update, it is recommended to securely store firmware files as sensitive information and to only use official, trusted sources for firmware updates.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.