9.8критическая
CVE-2025-52549
Описание
E3 Site Supervisor Control (firmware version < 2.31F01) generates the root linux password on each boot. An attacker can generate the root linux password for a vulnerable device based on known or easy to fetch parameters.
Затрагиваемое ПО
Copeland E3 supervisory controller firmwareCopeland Site supervisor bx 860-1240Copeland Site supervisor bxe 860-1245Copeland Site supervisor cx 860-1260Copeland Site supervisor cxe 860-1265Copeland Site supervisor rx 860-1220Copeland Site supervisor rxe 860-1225Copeland Site supervisor sf 860-1200
CVSS
| Балл | 9.8 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://www.armis.com/research/frostbyte10/