Vulnerability Details CVE-2025-6519
E3 Site Supervisor (firmware version < 2.31F01) has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.5%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-6519
-
cpe:2.3:h:copeland:site_supervisor_bx_860-1240:-
-
cpe:2.3:h:copeland:site_supervisor_bxe_860-1245:-
-
cpe:2.3:h:copeland:site_supervisor_cx_860-1260:-
-
cpe:2.3:h:copeland:site_supervisor_cxe_860-1265:-
-
cpe:2.3:h:copeland:site_supervisor_rx_860-1220:-
-
cpe:2.3:h:copeland:site_supervisor_rxe_860-1225:-
-
cpe:2.3:h:copeland:site_supervisor_sf_860-1200:-
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.02f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.04f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.05f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.07f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.08f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.10f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.11f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.17f02
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.19f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.20f03
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.23f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.28f02
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.29f02
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.30f01
-
cpe:2.3:o:copeland:e3_supervisory_controller_firmware:2.30f02