CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52550

E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious firmware upgrade.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.5%

CVSS Severity

CVSS v3 Score 7.2

References

https://www.armis.com/research/frostbyte10/

Products affected by CVE-2025-52550

Copeland » Site Supervisor Bx 860-1240 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-
Copeland » Site Supervisor Bxe 860-1245 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-
Copeland » Site Supervisor Cx 860-1260 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-
Copeland » Site Supervisor Cxe 860-1265 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-
Copeland » Site Supervisor Rx 860-1220 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-
Copeland » Site Supervisor Rxe 860-1225 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-
Copeland » Site Supervisor Sf 860-1200 » Version: N/A

cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-
Copeland » E3 Supervisory Controller Firmware » Version: Any

cpe:2.3:o:copeland:e3_supervisory_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52550

Products

Pricing

Contact Us