Sprecher-Automation: >> Sprecon-E-P Ds6-0 Firmware Security Vulnerabilities
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-08-12
Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines.
CVSS Score
9.8
EPSS Score
0.006
Published
2023-06-01
In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-06-01