How to fix CVE-2025-11786?

Within 24 hours: Identify and inventory all SGE-PLC1000/PLC50 v9.0.2 devices in your environment; restrict network access to affected devices to trusted administrative networks only; disable remote password reset functionality if operationally feasible. Within 7 days: Implement network segmentation isolating affected PLCs from untrusted networks; deploy enhanced logging and monitoring on password reset functions; conduct threat assessment for exposed devices. Within 30 days: Contact Circutor for patch availability and timeline; develop remediation plan including device replacement or upgrade strategy; establish compensating controls for devices that cannot be immediately patched.

Is Stack Overflow affected by CVE-2025-11786?

A critical remote code execution vulnerability affects Circutor SGE-PLC industrial control devices (models PLC1000/PLC50 v9.0.2), allowing attackers to execute arbitrary commands with application-level privileges through password reset functionality.

CVE-2025-11786

EUVD-2025-200230 CRITICAL

2025-12-02 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200230

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

CVE Published

Dec 02, 2025 - 13:15 nvd

CRITICAL 9.8

Description

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword()' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf()' without any sanitisation or validation, and then executed using 'system()'. This allows an attacker to inject arbitrary shell commands that will be executed with the same privileges as the application.

Analysis

Technical Context

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state. This vulnerability is classified as Stack-based Buffer Overflow (CWE-121).

Affected Products

Affected products: Circutor Sge-Plc1000 Firmware 9.0.2, Circutor Sge-Plc50 Firmware 9.0.2

Remediation

Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +49

POC: 0

CVE-2025-11786 vulnerability details – vuln.today

Back

CVE-2025-11786

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-11786

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code