CVE-2025-11788
Circutor · SGE-PLC1000/SGE-PLC50
The Circutor SGE-PLC1000/SGE-PLC50 contains a heap-based buffer overflow in the 'ShowSupervisorParameters()' function due to insufficient input validation.
Executive summary
A heap-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 allows an unauthenticated remote attacker to crash the device or potentially execute arbitrary code on it.
Vulnerability
This is a heap-based buffer overflow that occurs when the 'ShowSupervisorParameters()' function processes attacker-controlled input supplied in the 'meter' parameter. The length of that input is not validated before it is copied with 'sprintf()' into a fixed-size heap buffer, so an oversized value writes past the end of the allocation and corrupts adjacent heap memory. Depending on what follows the buffer on the heap, this yields a crash or, with a crafted value, control over program execution.
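The following C example is added here to illustrate the pattern the advisory describes; it is not Circutor's firmware code. The buffer size, the output format string, the 'METER_MAX' limit and the function names are all hypothetical. The vulnerable variant formats the caller-supplied 'meter' string into a fixed-size heap buffer with an unbounded 'sprintf()'; the hardened variant bounds the input length, allow-lists its characters, uses 'snprintf()' and treats truncation as an error.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical fixed-size heap buffer and output format (illustration only). */
#define OUT_SZ 64
#define FMT    "<tr><td>Meter</td><td>%s</td></tr>"
/* Hypothetical upper bound for a meter identifier in the hardened version. */
#define METER_MAX 16

/* Vulnerable pattern: the length of `meter` is never checked, so sprintf()
 * writes past the OUT_SZ-byte allocation whenever the formatted row is too
 * long. Caller frees the result. Only call with short input in a demo. */
char *show_meter_vulnerable(const char *meter)
{
    char *out = malloc(OUT_SZ);
    if (out == NULL)
        return NULL;
    sprintf(out, FMT, meter);   /* unbounded write into a fixed heap buffer */
    return out;
}

/* Number of bytes (excluding the NUL) the formatted row would occupy. */
size_t meter_output_len(const char *meter)
{
    int n = snprintf(NULL, 0, FMT, meter);
    return n < 0 ? 0 : (size_t)n;
}

/* 1 if show_meter_vulnerable() would write past its buffer for this input. */
int would_overflow(const char *meter)
{
    return meter_output_len(meter) + 1 > OUT_SZ;
}

/* Hardened pattern: reject oversized or unexpected input before formatting,
 * bound the write with snprintf(), and fail closed on truncation. */
char *show_meter_fixed(const char *meter)
{
    if (meter == NULL)
        return NULL;

    /* Bounded length scan: stop as soon as the input is known to be too long. */
    size_t len = 0;
    while (len <= METER_MAX && meter[len] != '\0')
        len++;
    if (len == 0 || len > METER_MAX)
        return NULL;                          /* reject oversized input */

    /* Allow-list: meter identifiers are assumed to be [A-Za-z0-9_-]. */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)meter[i];
        if (!(isalnum(c) || c == '_' || c == '-'))
            return NULL;
    }

    char *out = malloc(OUT_SZ);
    if (out == NULL)
        return NULL;
    int n = snprintf(out, OUT_SZ, FMT, meter);
    if (n < 0 || (size_t)n >= OUT_SZ) {       /* truncated: fail closed */
        free(out);
        return NULL;
    }
    return out;
}

int main(void)
{
    char big[200];
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';

    printf("short id needs %zu bytes, overflow=%d\n",
           meter_output_len("M1") + 1, would_overflow("M1"));
    printf("200-byte id needs %zu bytes, overflow=%d\n",
           meter_output_len(big) + 1, would_overflow(big));
    printf("hardened rejects 200-byte id: %s\n",
           show_meter_fixed(big) == NULL ? "yes" : "no");

    char *row = show_meter_fixed("M1");
    if (row != NULL) {
        printf("hardened output: %s\n", row);
        free(row);
    }
    return 0;
}
```

The practical takeaway is that the fix is not just swapping 'sprintf()' for 'snprintf()': a silently truncated row can still hide the fact that the device received input outside its specification, so reject the value up front and treat truncation as a failure rather than as output.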
Business impact
The CVSS base score of 9.8 (critical) reflects the potential for unauthenticated Remote Code Execution (RCE) on industrial control hardware. Successful exploitation could lead to full device takeover, resulting in operational downtime, loss of control over the connected electrical meters, and a foothold for lateral movement within the OT (Operational Technology) network.
Remediation
Immediate Action: Update affected Circutor devices to the patched firmware version as soon as the manufacturer provides it, and verify the installed version afterwards.
Proactive Monitoring: Monitor traffic to the PLC management interface for requests carrying unusually long or non-alphanumeric values in the 'meter' parameter, and alert on unexpected device reboots or service crashes, which are the most likely sign of failed exploitation attempts.
Compensating Controls: Isolate the PLC management interfaces in a dedicated, restricted VLAN and limit access to authorized engineering hosts. Where an application-aware firewall or proxy sits in front of the interface, have it reject requests whose 'meter' parameter exceeds the expected identifier length; a plain packet filter cannot inspect that value.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability represents a significant risk to industrial operations because it is reachable without authentication and affects devices that control electrical metering. Affected devices should be removed from any public-facing network immediately, and administrators must verify that every device is running the patched firmware version before it is exposed to untrusted networks again.