ГлавнаяУязвимости → CVE-2025-52549
9.8критическая

CVE-2025-52549

Описание

E3 Site Supervisor Control (firmware version < 2.31F01) generates the root linux password on each boot. An attacker can generate the root linux password for a vulnerable device based on known or easy to fetch parameters.

Затрагиваемое ПО
Copeland E3 supervisory controller firmwareCopeland Site supervisor bx 860-1240Copeland Site supervisor bxe 860-1245Copeland Site supervisor cx 860-1260Copeland Site supervisor cxe 860-1265Copeland Site supervisor rx 860-1220Copeland Site supervisor rxe 860-1225Copeland Site supervisor sf 860-1200
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.armis.com/research/frostbyte10/