CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52545

E3 Site Supervisor Control (firmware version < 2.31F01) RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.armis.com/research/frostbyte10/

Products affected by CVE-2025-52545

Copeland » Site Supervisor Bx 860-1240 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-
Copeland » Site Supervisor Bxe 860-1245 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-
Copeland » Site Supervisor Cx 860-1260 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-
Copeland » Site Supervisor Cxe 860-1265 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-
Copeland » Site Supervisor Rx 860-1220 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-
Copeland » Site Supervisor Rxe 860-1225 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-
Copeland » Site Supervisor Sf 860-1200 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-
Copeland » E3 Supervisory Controller Firmware » Version: Any

cpe:2.3:o:copeland:e3_supervisory_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52545

Products

Pricing

Contact Us