CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52543

E3 Site Supervisor Control (firmware version < 2.31F01) application services (MGW and RCI) uses client side hashing for authentication. An attacker can authenticate by obtaining only the password hash.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.9%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.armis.com/research/frostbyte10/

Products affected by CVE-2025-52543

Copeland » Site Supervisor Bx 860-1240 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-
Copeland » Site Supervisor Bxe 860-1245 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-
Copeland » Site Supervisor Cx 860-1260 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-
Copeland » Site Supervisor Cxe 860-1265 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-
Copeland » Site Supervisor Rx 860-1220 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-
Copeland » Site Supervisor Rxe 860-1225 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-
Copeland » Site Supervisor Sf 860-1200 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-
Copeland » E3 Supervisory Controller Firmware » Version: Any

cpe:2.3:o:copeland:e3_supervisory_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52543

Products

Pricing

Contact Us