CVE-2025-52548

E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.armis.com/research/frostbyte10/	Mitigation Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:copeland:e3_supervisory_controller_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-:::::::*
	cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-:::::::*
	cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-:::::::*
	cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-:::::::*
	cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-:::::::*
	cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-:::::::*
	cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-:::::::*

History

No history.

Information

Published : 2025-09-02 12:15

Updated : 2025-10-01 18:25

NVD link : CVE-2025-52548

Mitre link : CVE-2025-52548

CVE.ORG link : CVE-2025-52548

JSON object : View

Products Affected

copeland

site_supervisor_cx_860-1260
site_supervisor_cxe_860-1265
site_supervisor_sf_860-1200
site_supervisor_rxe_860-1225
e3_supervisory_controller_firmware
site_supervisor_bxe_860-1245
site_supervisor_rx_860-1220
site_supervisor_bx_860-1240

CWE

CWE-1242

Inclusion of Undocumented Features or Chicken Bits

{"id": "CVE-2025-52548", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.2}], "cvssMetricV40": [{"type": "Secondary", "source": "dd59f033-460c-4b88-a075-d4d3fedb6191", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-09-02T12:15:37.393", "references": [{"url": "https://www.armis.com/research/frostbyte10/", "tags": ["Mitigation", "Third Party Advisory"], "source": "dd59f033-460c-4b88-a075-d4d3fedb6191"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "dd59f033-460c-4b88-a075-d4d3fedb6191", "description": [{"lang": "en", "value": "CWE-1242"}]}], "descriptions": [{"lang": "en", "value": "E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS."}], "lastModified": "2025-10-01T18:25:16.733", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:copeland:e3_supervisory_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "791AC7BF-A584-446A-A5FB-CB282430567A", "versionEndExcluding": "2.31f01"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62991432-9156-4152-B940-4428A06ABBDA"}, {"criteria": "cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7281C06F-83DC-4A57-9076-B666C643B1A0"}, {"criteria": "cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC339BFF-3123-4BE2-8092-3AD6FBB0AEFF"}, {"criteria": "cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C42AA549-5959-4E4D-81AD-9E04218EC157"}, {"criteria": "cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F77BC1C-9709-40CB-AF4D-6A118D8F41E2"}, {"criteria": "cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F10BB44-439E-4823-8ECF-1700355C78E3"}, {"criteria": "cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B4909D80-1F06-437F-8D66-E39535B5E60D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "dd59f033-460c-4b88-a075-d4d3fedb6191"}