Sensitive Information Exposure on CIRCUTOR Web Server
CVE-2025-64386

7.7HIGH

Key Information:

Vendor: Circutor
Status: Tcprs1plus
Vendor: CVE Published:; 31 October 2025

What is CVE-2025-64386?

This vulnerability allows sensitive information to be transmitted unencrypted through the web server of CIRCUTOR devices. As a result, attackers may intercept and access confidential data during communication, highlighting the need for proper encryption protocols to safeguard data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TCPRS1plus 1.0.14

References

https://circutor.com/productos/iot-industrial-y-automatiz...

product

https://www.hackrtu.com/blog/cg-0day-en-003/

technical-description

https://cds.thalesgroup.com/es/s21sec-about

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Oct 31, 2025
Vulnerability Reserved
Oct 31, 2025

Credit

Víctor Bello Cuevas

Aarón Flecha Menéndez

JSON

Circutor

What is CVE-2025-64386?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.