ADVISORIES, INSIGHTS | January 26, 2026

IOActive Security Advisory | CIRCUTOR – SGE-PLC1000/SGE-PLC50 v 0.9.2 / ServicePack 140411

By Gabriel Gonzalez & Sergio Ruiz

Affected Product

CIRCUTOR – SGE-PLC1000/SGE-PLC50 v 0.9.2 / ServicePack 140411

Title	CIRCUTOR SGE PLC1000/PLC50
Severity	1 Critical, 10 High, 3 medium
Discovered by	Gabriel Gonzalez / Sergio Ruiz
Advisory Date	January 26, 2026

Timeline

2025-03-14: Vulnerabilities identified, disclosure process begins.
2025-09-30: INCIBE gets ahold of the client to fix vulnerabilities
2025-10-28: INCIBE coordinates disclosure: https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products-0

Download Full Advisory

NEWSLETTER SIGN UP
COPYRIGHT AND AI WARNING
©2026 IOActive Inc. All Rights Reserved. This website, including all material, images, and data contained herein, are protected by copyright. All rights are reserved. Content may not be used, copied, reproduced, transmitted, or otherwise exploited in any manner, including without limitation, to train generative artificial intelligence (AI) technologies, without IOActive’s prior written consent.